3 matches found
CVE-2023-24735
PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opaccss/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL...
CVE-2023-24734
An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...
PT-2023-19757 · Pmb · Pmb
Name of the Vulnerable Software and Affected Versions: PMB version 7.4.6 Description: A reflected cross-site scripting XSS issue was found in PMB via the query parameter at "/admin/convert/export z3950 new.php". This allows for potential XSS attacks. Recommendations: For PMB version 7.4.6, consid...