GobyVuls/PbootCMS/PbootCMS_parserIfLabel_RCE/README.md

# PbootCMS parserIfLabel RCE

A Remote Code Execution vulnerability exists in parserIfLabel function. Exploit demand: PbootCMS 3.0.1-3.0.4, PHP >= 7.0, system() function is not forbidden.

**FOFAquery rule**: [app="PBOOTCMS"](https://fofa.so/result?qbase64=YXBwPSJQQk9PVENNUyI%3D)

# Demo

![](PbootCMS_parserIfLabel_RCE.gif)
add PbootCMS parserIfLabel RCE 2021-07-06 14:49:17 +08:00			`# PbootCMS parserIfLabel RCE`

			`A Remote Code Execution vulnerability exists in parserIfLabel function. Exploit demand: PbootCMS 3.0.1-3.0.4, PHP >= 7.0, system() function is not forbidden.`

			`FOFAquery rule: [app="PBOOTCMS"](https://fofa.so/result?qbase64=YXBwPSJQQk9PVENNUyI%3D)`

			`# Demo`

			`![](PbootCMS_parserIfLabel_RCE.gif)`