4 matches found
MAL-2026-3226 Malicious code in timesmcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 85630b024b2eb06c5002dd3ac72fa8bf4733f08d34de10bf0eca0851bf2d9f86 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
PMB security breach
PMB is a 100% free document management reference tool from the PMB Services team. A security vulnerability exists in PMB version v.7.4.8, which originates from a vulnerability that allows remote attackers to execute arbitrary code and escalate privileges by uploading the startimport.php file...
PT-2024-1239
Name of the Vulnerable Software and Affected Versions PMB version 7.4.8 Description The issue allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the "start import.php" file. This is related to an unlimited file upload vulnerability of...
CVE-2023-46474
File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the startimport.php file...