190 matches found
PMB 7.3.10 - Cross-Site Scripting
PMB 7.3.10 contains a reflected cross-site scripting vulnerability via the id parameter in an lvl=authorsee request to index.php. id: CVE-2022-34328 info: name: PMB 7.3.10 - Cross-Site Scripting author: edoardottt severity: medium description: | PMB 7.3.10 contains a reflected cross-site scriptin...
PMB v7.4.6 - Cross-Site Scripting
PMB v7.4.6 allows an attacker to perform a reflected XSS on exportz3950.php via the 'query' parameter. id: CVE-2023-24737 info: name: PMB v7.4.6 - Cross-Site Scripting author: r3Y3r53 severity: medium description: | PMB v7.4.6 allows an attacker to perform a reflected XSS on exportz3950.php via t...
CVE-2020-37105
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php...
CVE-2020-37105
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands via the logid parameter to /admin/sauvegarde/download.php. Affected component is the download script; root cause is improper handling/validati...
CVE-2020-37105 PMB 5.6 - 'logid' SQL Injection
PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php...
SIGB PMB SQL注入漏洞
SIGB PMB is an open-source integrated library management system developed by SIGB Corporation. Version 5.6 of SIGB PMB contains a SQL injection vulnerability. This vulnerability stems from the logid parameter in the management download script, which allows for SQL injections. As a result,...
CVE-2020-36970
CVE-2020-36970 affects PMB 5.6, with a local file disclosure vulnerability in getgif.php triggered by unsanitized input of the chemin parameter. Attackers can read arbitrary system files (e.g., /etc/passwd) by crafting requests to getgif.php, leading to high impact on confidentiality. The provide...
CVE-2020-36970 PMB 5.6 - 'chemin' Local File Disclosure
PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the...
CVE-2020-36970
PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the...
SIGB PMB SQL注入漏洞
SIGB PMB is an open source integrated library management system from SIGB. A SQL injection vulnerability exists in SIGB PMB version 7.4.6, which stems from insufficient cleanup of the id parameter in the ajax.php endpoint, which could lead to a SQL injection attack...
CVE-2025-61168
An issue in the cmsrest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file...
CVE-2025-61168
An issue in the cmsrest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file...
CVE-2025-61167
SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opaccss/ajaxselector.php component via the id and datas parameters...
PT-2025-48069
Name of the Vulnerable Software and Affected Versions SIGB PMB version 8.0.1.14 Description The software contains multiple SQL injection flaws in the /opac css/ajax selector.php component. These flaws are triggered through the id and datas parameters. The component is susceptible to manipulation...
EUVD-2007-1409
Malware in sbrugna...
EUVD-2014-9277
Malware in sbrugna...
EUVD-2025-16768
Malicious code in bioql PyPI...
EUVD-2025-1698
Malicious code in bioql PyPI...
EUVD-2025-1696
Malicious code in bioql PyPI...
EUVD-2024-23560
Malicious code in bioql PyPI...