CVE-2025-15153
Unknown Unknown - Not Provided
Unauthorized File Access via SQLite Database in PbootCMS

Publication date: 2025-12-28

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing a manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been made available to the public and could be used for attacks. Modifying the configuration settings is advised.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-28
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-12-28
EPSS Evaluated
2026-06-15
NVD
CVE-2025-15153
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pbootcms pbootcms 3.2.12
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-425 The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
CWE-552 The product makes files or directories accessible to unauthorized actors, even though they should not be.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a weakness in PbootCMS up to version 3.2.12 related to the SQLite database file /data/pbootcms.db. It allows an attacker to manipulate this file or its functions, potentially making files or directories accessible that should not be. The attack can be launched remotely but is highly complex and difficult to exploit. The exploit is publicly available, and modifying configuration settings is recommended to mitigate the risk.

Impact Analysis

The vulnerability can lead to unauthorized access to files or directories within the system, which may expose sensitive data or system information. Although the exploitability is difficult, the fact that the exploit is publicly available increases the risk. This could compromise the confidentiality of data stored in the affected system.

Mitigation Strategies

Modifying the configuration settings of PbootCMS is advised to mitigate this vulnerability.

Compliance Impact

This vulnerability exposes sensitive information such as administrator credentials, user personal data, SMTP passwords, and API secrets due to the SQLite database file being accessible without proper access controls. Such exposure can lead to unauthorized access to personal and confidential data, which violates data protection requirements under standards like GDPR and HIPAA. The unauthorized disclosure of personal and sensitive information compromises confidentiality obligations, potentially resulting in non-compliance with these regulations. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by checking if the SQLite database file is accessible via the web server before the first admin login. You can use the following commands to verify accessibility and download the database file for inspection: 1. Check if the database file is accessible: ```curl -I "http://<target>/data/pbootcms.db"``` Look for HTTP 200 OK response with content type 'application/octet-stream'. 2. Download the database file: ```curl -o stolen.db "http://<target>/data/pbootcms.db"``` 3. Confirm the file type: ```file stolen.db``` Expected output: SQLite 3.x database. 4. Extract administrator credentials from the database: ```sqlite3 stolen.db "SELECT id, username, password FROM ay_user;"``` These steps help detect if the database file is exposed and vulnerable to unauthorized access. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-15153. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart