CVE-2024-12789

Name of the Vulnerable Software and Affected Versions PbootCMS versions up to 3.2.3

Description A critical issue has been found in PbootCMS, affecting an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations For PbootCMS versions up to 3.2.3, upgrade to version 3.2.4 to address this issue. As a temporary workaround, consider restricting access to the affected component, specifically the IndexController.php file, until the update is applied.