25 matches found
SIGB PMB SQL注入漏洞
SIGB PMB is an open-source integrated library management system developed by SIGB Corporation. Version 5.6 of SIGB PMB contains a SQL injection vulnerability. This vulnerability stems from the logid parameter in the management download script, which allows for SQL injections. As a result,...
SIGB PMB SQL注入漏洞
SIGB PMB is an open source integrated library management system from SIGB. A SQL injection vulnerability exists in SIGB PMB version 7.4.6, which stems from insufficient cleanup of the id parameter in the ajax.php endpoint, which could lead to a SQL injection attack...
CVE-2025-61168
An issue in the cmsrest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file...
CVE-2025-61168
An issue in the cmsrest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file...
PT-2025-48069
Name of the Vulnerable Software and Affected Versions SIGB PMB version 8.0.1.14 Description The software contains multiple SQL injection flaws in the /opac css/ajax selector.php component. These flaws are triggered through the id and datas parameters. The component is susceptible to manipulation...
EUVD-2025-16768
Malicious code in bioql PyPI...
CVE-2025-48742
The installer in SIGB PMB before and fixed in v.8.0.1.2 allows remote code execution...
CVE-2025-48742
The installer in SIGB PMB before and fixed in v.8.0.1.2 allows remote code execution...
CVE-2025-48742
The installer in SIGB PMB before and fixed in v.8.0.1.2 allows remote code execution...
CVE-2025-48744
In SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution...
CVE-2025-48744
In SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution...
CVE-2025-48743
SIGB PMB before 8.0.1.2 allows SQL injection...
SIGB PMB 访问控制错误漏洞
SIGB PMB is an open source integrated library management system from SIGB. An access control error vulnerability exists in SIGB PMB versions prior to 8.0.1.2, which stems from the installation program allowing remote code execution...
CVE-2025-48743
SIGB PMB before 8.0.1.2 allows SQL injection...
CVE-2025-48743
SIGB PMB contains a SQL injection vulnerability in versions prior to 8.0.1.2. The issue stems from input handling that allows SQL injection. Impact indicators in the sources show high confidentiality, integrity, and availability impacts (NVD CVSSv3.1 base score 9.8; another assessment shows base ...
PT-2025-22958 · Sigb Pmb · Sigb Pmb
Name of the Vulnerable Software and Affected Versions: SIGB PMB versions prior to 8.0.1.2 Description: The issue allows remote code execution due to a problem in the installer. Recommendations: For versions prior to 8.0.1.2, update to version 8.0.1.2 or later to resolve the issue...
CVE-2025-48743
SIGB PMB before 8.0.1.2 allows SQL injection...
CVE-2025-48742
The CVE-2025-48742 affects SIGB PMB installers prior to version 8.0.1.2, where the installer component allows remote code execution. Impact is described as remote code execution with network access and no user interaction; remediation is to upgrade to 8.0.1.2 or later. Connected reports also conf...
PT-2025-22911 · Sigb Pmb · Sigb Pmb
Name of the Vulnerable Software and Affected Versions: SIGB PMB version 8.0.1.2 and earlier Description: The issue allows attackers to achieve Local File Inclusion and remote code execution. Recommendations: For SIGB PMB version 8.0.1.2 and earlier, update to version 8.0.1.2 or later to resolve t...
CVE-2025-48744
SIGB PMB prior to 8.0.1.2 is affected by a Local File Inclusion vulnerability that can lead to remote code execution. The issue affects SIGB PMB versions before 8.0.1.2, with CVSS3.1 base metrics indicating high impact (Confidentiality/Integrity/Availability: High; Score up to 9.8 per NVD). There...