Lucene search
K

15 matches found

NVD
NVD
added 2023/03/06 9:15 p.m.23 views

CVE-2023-24734

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

9.8CVSS9.5AI score0.20721EPSS
Exploits1References1
NVD
NVD
added 2023/03/06 9:15 p.m.20 views

CVE-2023-24733

PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950new.php...

6.1CVSS6.1AI score0.01169EPSS
Exploits1References1
NVD
NVD
added 2023/03/06 9:15 p.m.25 views

CVE-2023-24736

PMB v7.4.6 was discovered to contain a remote code execution RCE vulnerability via the component /sauvegarde/restaureact.php...

9.8CVSS9.9AI score0.0161EPSS
Exploits1References1
NVD
NVD
added 2023/03/06 9:15 p.m.23 views

CVE-2023-24735

PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opaccss/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL...

6.1CVSS6.1AI score0.0108EPSS
Exploits1References1
Prion
Prion
added 2023/03/06 9:15 p.m.12 views

Open redirect

PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opaccss/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL...

5.8CVSS6.1AI score0.0108EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/03/06 9:15 p.m.19 views

Design/Logic Flaw

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

7.5CVSS9.5AI score0.20721EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/03/06 9:15 p.m.15 views

Cross site scripting

PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950.php...

5.8CVSS6AI score0.01169EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/03/06 12:0 a.m.64 views

CVE-2023-24734

PMB v7.4.6 is affected by an arbitrary file upload vulnerability in the camera_upload.php component that enables attackers to execute arbitrary code via a crafted image file. Affected product/entity: PMB 7.4.6; vulnerable component: camera_upload.php. Root cause not explicitly stated beyond “arbi...

9.8CVSS9.4AI score0.20721EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/03/06 12:0 a.m.26 views

CVE-2023-24736

PMB v7.4.6 was discovered to contain a remote code execution RCE vulnerability via the component /sauvegarde/restaureact.php...

10AI score0.0161EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/03/06 12:0 a.m.26 views

CVE-2023-24735

PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opaccss/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL...

6.3AI score0.0108EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/03/06 12:0 a.m.11 views

CVE-2023-24734

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

8AI score0.20721EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/03/06 12:0 a.m.27 views

CVE-2023-24737

PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950.php...

6.2AI score0.01169EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/03/06 12:0 a.m.25 views

CVE-2023-24733

PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950new.php...

6.2AI score0.01169EPSS
Exploits1References1
CVE
CVE
added 2023/03/06 12:0 a.m.82 views

CVE-2023-24733

PMB v7.4.6 has a reflected Cross-Site Scripting (XSS) vulnerability via the query parameter in /admin/convert/export_z3950_new.php. An attacker can inject arbitrary script into the browser context of the affected site, potentially stealing cookie-based authentication credentials, enabling session...

6.1CVSS6AI score0.01169EPSS
In wildExploits1References1Affected Software1
Cvelist
Cvelist
added 2023/03/06 12:0 a.m.25 views

CVE-2023-24734

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

9.7AI score0.20721EPSS
Exploits1References1
Rows per page
Query Builder