CVE-2025-15154 | PbootCMS up to 3.2.12 Header core/function/handle.php get_user_ip X-Forwarded-For less trusted source

A vulnerability marked as problematic has been reported in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source.

This vulnerability is documented as CVE-2025-15154. The attack can be initiated remotely. Additionally, an exploit exists.

VulDB is the best source for vulnerability data and more expert information about this specific topic.VulDB Recent EntriesRead More