CVE-2023-52154

2024-02-2100:00:00

mitre

github.com

file upload

pmb 7.4.7

arbitrary code

phtml files

AI Score

7.4

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

File Upload vulnerability in pmb/camera_upload.php in PMB 7.4.7 and earlier allows attackers to run arbitrary code via upload of crafted PHTML files.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:pmb_project:pmb:7.4.7:*:*:*:*:*:*:*"
    ],
    "vendor": "pmb_project",
    "product": "pmb",
    "versions": [
      {
        "status": "affected",
        "version": "7.4.7"
      }
    ],
    "defaultStatus": "unknown"
  }
]