Vulnerabilities > Sigb > PMB > 7.3.10

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-46474 Unrestricted Upload of File with Dangerous Type vulnerability in Sigb PMB
File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file.
network
low complexity
sigb CWE-434
7.2
7.2
2022-06-23 CVE-2022-34328 Cross-site Scripting vulnerability in Sigb PMB 7.3.10
PMB 7.3.10 allows reflected XSS via the id parameter in an lvl=author_see request to index.php.
network
low complexity
sigb CWE-79
6.1
6.1