Vulnerabilities > Sigb > PMB

DATE CVE VULNERABILITY TITLE RISK
2025-01-16 CVE-2025-0471 Unrestricted Upload of File with Dangerous Type vulnerability in Sigb PMB
Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above.
network
low complexity
sigb CWE-434
critical
 9.8
9.8
2025-01-16 CVE-2025-0472 Information Exposure vulnerability in Sigb PMB
Information exposure in the PMB platform affecting versions 4.2.13 and earlier.
network
low complexity
sigb CWE-200
7.5
7.5
2025-01-16 CVE-2025-0473 Incomplete Cleanup vulnerability in Sigb PMB
Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server, affecting versions 4.0.10 and above.
network
low complexity
sigb CWE-459
7.5
7.5
2024-05-27 CVE-2024-26289 Deserialization of Untrusted Data vulnerability in Sigb PMB
Deserialization of Untrusted Data vulnerability in PMB Services PMB allows Remote Code Inclusion.This issue affects PMB: from 7.5.1 before 7.5.6-2, from 7.4.1 before 7.4.9, from 7.3.1 before 7.3.18.
network
low complexity
sigb CWE-502
critical
 9.8
9.8
2024-01-11 CVE-2023-46474 Unrestricted Upload of File with Dangerous Type vulnerability in Sigb PMB
File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file.
network
low complexity
sigb CWE-434
7.2
7.2
2023-03-06 CVE-2023-24733 Cross-site Scripting vulnerability in Sigb PMB 7.4.6
PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950_new.php.
network
low complexity
sigb CWE-79
6.1
6.1
2023-03-06 CVE-2023-24734 Use After Free vulnerability in Sigb PMB 7.4.6
An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file.
network
low complexity
sigb CWE-416
critical
 9.8
9.8
2023-03-06 CVE-2023-24735 Open Redirect vulnerability in Sigb PMB 7.4.6
PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opac_css/pmb.php.
network
low complexity
sigb CWE-601
6.1
6.1
2023-03-06 CVE-2023-24736 Unspecified vulnerability in Sigb PMB 7.4.6
PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /sauvegarde/restaure_act.php.
network
low complexity
sigb
critical
 9.8
9.8
2023-03-06 CVE-2023-24737 Cross-site Scripting vulnerability in Sigb PMB 7.4.6
PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950.php.
network
low complexity
sigb CWE-79
6.1
6.1