Pbootcms Getshell PoC
When we download source file,we can found the file PbootCMSDoc.CHM in Absolute directory.
PbootCMSDoc.CHM is a Development Manual .
It's mean that we can use the php code in {pboot:if(php code)}{/pboot:if} IF label.
Vulnerability file :\apps\home\controller\ParserController.php
about the IF label code at 1273-1300 lines

The eval() can execute the php code through the IF Label {pboot:if(php code)}{/pboot:if}.
And Function parserIfLabel() have no use filter function before using eval().
So one more thing is finding a place to use the IF label {pboot:if(php code)}{/pboot:if}
we found two site whice insert the php code.





