Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

CVE
CVEadded 2026/01/28 5:35 p.m.8 views

CVE-2020-36970

CVE-2020-36970 affects PMB 5.6, with a local file disclosure vulnerability in getgif.php triggered by unsanitized input of the chemin parameter. Attackers can read arbitrary system files (e.g., /etc/passwd) by crafting requests to getgif.php, leading to high impact on confidentiality. The provide...

8.4CVSS6AI score0.0001EPSS
Exploits0References4
CVE
CVEadded 2025/05/27 12:0 a.m.43 views

CVE-2025-48743

SIGB PMB contains a SQL injection vulnerability in versions prior to 8.0.1.2. The issue stems from input handling that allows SQL injection. Impact indicators in the sources show high confidentiality, integrity, and availability impacts (NVD CVSSv3.1 base score 9.8; another assessment shows base ...

9.8CVSS6AI score0.00211EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/05/27 12:0 a.m.4 views

PT-2025-22911 · Sigb Pmb · Sigb Pmb

Name of the Vulnerable Software and Affected Versions: SIGB PMB version 8.0.1.2 and earlier Description: The issue allows attackers to achieve Local File Inclusion and remote code execution. Recommendations: For SIGB PMB version 8.0.1.2 and earlier, update to version 8.0.1.2 or later to resolve t...

9.8CVSS7.5AI score0.00963EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/05/23 5:16 a.m.8 views

CVE-2023-38844

SQL injection vulnerability in PMB v.7.4.7 and earlier allows a remote attacker to execute arbitrary code via the thesaurus parameter in exportskos.php...

7.5CVSS8.7AI score0.00198EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:58 a.m.6 views

CVE-2023-46474

File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the startimport.php file...

7.2CVSS8.2AI score0.72688EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/05/23 3:22 a.m.5 views

CVE-2023-24737

PMB v7.4.6 was discovered to contain a reflected cross-site scripting XSS vulnerability via the query parameter at /admin/convert/exportz3950.php...

6.1CVSS6.2AI score0.03412EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:22 a.m.6 views

CVE-2023-24736

PMB v7.4.6 was discovered to contain a remote code execution RCE vulnerability via the component /sauvegarde/restaureact.php...

9.8CVSS8.4AI score0.09043EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:22 a.m.9 views

CVE-2023-24735

PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opaccss/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL...

6.1CVSS7.1AI score0.07119EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2023/03/06 9:15 p.m.1 views

CVE-2023-24734

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

9.8CVSS6.3AI score0.03178EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2023/03/06 12:0 a.m.2 views

PT-2023-19757 · Pmb · Pmb

Name of the Vulnerable Software and Affected Versions: PMB version 7.4.6 Description: A reflected cross-site scripting XSS issue was found in PMB via the query parameter at "/admin/convert/export z3950 new.php". This allows for potential XSS attacks. Recommendations: For PMB version 7.4.6, consid...

6.1CVSS6AI score0.14924EPSS
Exploits1References4
Rows per page
Query Builder