How severe is CVE-2025-15154?

CVE-2025-15154 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-15154

Name: pbootcms
Author: pbootcms

5.3MEDIUM

A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipula

Опубликовано: 12/28/2025Обновлено: 12/30/2025

Описание

A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

ИИ-АнализНа базе ИИ

Затронутые продукты

pbootcmspbootcms

Ссылки

https://note-hxlab.wetolink.com/share/JyBNgF8JagWQ
ExploitThird Party Advisory
https://vuldb.com/?ctiid.338532
Permissions RequiredVDB Entry
https://vuldb.com/?id.338532
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.719818
Third Party AdvisoryVDB Entry