27 matches found
PMB 7.3.10 - Cross-Site Scripting
PMB 7.3.10 contains a reflected cross-site scripting vulnerability via the id parameter in an lvl=authorsee request to index.php. id: CVE-2022-34328 info: name: PMB 7.3.10 - Cross-Site Scripting author: edoardottt severity: medium description: | PMB 7.3.10 contains a reflected cross-site scriptin...
SIGB PMB SQL注入漏洞
SIGB PMB is an open-source integrated library management system developed by SIGB Corporation. Version 5.6 of SIGB PMB contains a SQL injection vulnerability. This vulnerability stems from the logid parameter in the management download script, which allows for SQL injections. As a result,...
SIGB PMB SQL注入漏洞
SIGB PMB is an open source integrated library management system from SIGB. A SQL injection vulnerability exists in SIGB PMB version 7.4.6, which stems from insufficient cleanup of the id parameter in the ajax.php endpoint, which could lead to a SQL injection attack...
CVE-2025-61168
An issue in the cmsrest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file...
PT-2025-48069
Name of the Vulnerable Software and Affected Versions SIGB PMB version 8.0.1.14 Description The software contains multiple SQL injection flaws in the /opac css/ajax selector.php component. These flaws are triggered through the id and datas parameters. The component is susceptible to manipulation...
CVE-2025-61168
An issue in the cmsrest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file...
EUVD-2025-16768
Malicious code in bioql PyPI...
CVE-2025-48742
The installer in SIGB PMB before and fixed in v.8.0.1.2 allows remote code execution...
CVE-2025-48742
The installer in SIGB PMB before and fixed in v.8.0.1.2 allows remote code execution...
CVE-2025-48742
The installer in SIGB PMB before and fixed in v.8.0.1.2 allows remote code execution...
CVE-2025-48744
In SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution...
CVE-2025-48743
SIGB PMB before 8.0.1.2 allows SQL injection...
CVE-2025-48744
In SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution...
PT-2025-22911 · Sigb Pmb · Sigb Pmb
Name of the Vulnerable Software and Affected Versions: SIGB PMB version 8.0.1.2 and earlier Description: The issue allows attackers to achieve Local File Inclusion and remote code execution. Recommendations: For SIGB PMB version 8.0.1.2 and earlier, update to version 8.0.1.2 or later to resolve t...
CVE-2025-48742
The installer in SIGB PMB before and fixed in v.8.0.1.2 allows remote code execution...
CVE-2025-48743
SIGB PMB contains a SQL injection vulnerability in versions prior to 8.0.1.2. The issue stems from input handling that allows SQL injection. Impact indicators in the sources show high confidentiality, integrity, and availability impacts (NVD CVSSv3.1 base score 9.8; another assessment shows base ...
CVE-2025-48743
SIGB PMB before 8.0.1.2 allows SQL injection...
CVE-2025-48743
SIGB PMB before 8.0.1.2 allows SQL injection...
CVE-2025-48744
In SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution...
SIGB PMB SQL注入漏洞
SIGB PMB is an open source integrated library management system from SIGB. A SQL injection vulnerability exists in SIGB PMB versions prior to 8.0.1.2, which stems from vulnerability to SQL injection attacks...