CVE-2025-15154 | PbootCMS up to 3.2.12 Header core/function/handle.php get_user_ip X-Forwarded-For less trusted source

Inserito da Angelo Barbosa | Dic 27, 2025 | CVE

A vulnerability marked as problematic has been reported in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source.

This vulnerability is documented as CVE-2025-15154. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2025-15154 | PbootCMS up to 3.2.12 Header core/function/handle.php get_user_ip X-Forwarded-For less trusted source

Post correlati

CVE-2025-47690 | smackcoders Lead Form Data Collection to CRM Plugin up to 3.1 on WordPress save_thirdparty_form_title authorization

CVE-2025-1306 | spicethemes Newscrunch Plugin up to 1.8.4 on WordPress newscrunch_install_and_activate_plugin cross-site request forgery

CVE-2024-2937 | Arm Bifrost GPU Kernel Driver up to r49p0 use after free

CVE-2024-40764 | SonicWall SonicOS IPSec VPN heap-based overflow (SNWLID-2024-0012)