PbootCMS SQLite Database pbootcms.db file access_CVE-2025-15153

6.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been made available to the public and could be exploited. Modifying the configuration settings is advised.

Basic Information

ID CVE-2025-15153

Source VulDB

Published Dec 28, 2025 at 20:32

Affected Product

Vendor n/a

Product PbootCMS

Version 3.2.0

Affected Versions n/a PbootCMS 3.2.0
n/a PbootCMS 3.2.1
n/a PbootCMS 3.2.2
n/a PbootCMS 3.2.3
n/a PbootCMS 3.2.4
n/a PbootCMS 3.2.5
n/a PbootCMS 3.2.6
n/a PbootCMS 3.2.7
n/a PbootCMS 3.2.8
n/a PbootCMS 3.2.9
n/a PbootCMS 3.2.10
n/a PbootCMS 3.2.11
n/a PbootCMS 3.2.12

CWE Classification

CWE-552 CWE-425

References

{
    "lastseen": "",
    "description": "A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been made available to the public and could be exploited. Modifying the configuration settings is advised.",
    "published": "2025-12-28T20:32:07.587Z",
    "modified": "2025-12-28T20:32:07.587Z",
    "type": "cve",
    "title": "PbootCMS SQLite Database pbootcms.db file access",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.338531\nhttps://vuldb.com/?ctiid.338531\nhttps://vuldb.com/?submit.719814\nhttps://note-hxlab.wetolink.com/share/ALC1iSa8J56A",
    "id": "CVE-2025-15153",
    "bulletinFamily": "",
    "cwe": [
        "CWE-552",
        "CWE-425"
    ],
    "cvelist": null,
    "sourceData": "n/a PbootCMS 3.2.0\nn/a PbootCMS 3.2.1\nn/a PbootCMS 3.2.2\nn/a PbootCMS 3.2.3\nn/a PbootCMS 3.2.4\nn/a PbootCMS 3.2.5\nn/a PbootCMS 3.2.6\nn/a PbootCMS 3.2.7\nn/a PbootCMS 3.2.8\nn/a PbootCMS 3.2.9\nn/a PbootCMS 3.2.10\nn/a PbootCMS 3.2.11\nn/a PbootCMS 3.2.12",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PbootCMS",
    "version": "3.2.0",
    "vendor": "n/a",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}