AetherBlack/CVE

AetherBlack/CVE

Releases0

Stars5

Write-Up of my CVE

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-24733 ↗	Mar 6, 2023Monday, 6 March 2023, 21:15	6.1 MEDIUM	—
PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950_new.php.
CVE-2023-24734 ↗	Mar 6, 2023Monday, 6 March 2023, 21:15	9.8 CRITICAL	—
An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file.
CVE-2023-24735 ↗	Mar 6, 2023Monday, 6 March 2023, 21:15	6.1 MEDIUM	—
PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opac_css/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL.
CVE-2023-24736 ↗	Mar 6, 2023Monday, 6 March 2023, 21:15	9.8 CRITICAL	—
PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /sauvegarde/restaure_act.php.
CVE-2023-24737 ↗	Mar 6, 2023Monday, 6 March 2023, 21:15	6.1 MEDIUM	—
PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950.php.