SQL Injection vulnerability in PMB Services PMB v.7.4.7 and before allows a remote unauthenticated attacker to execute arbitrary code via the query parameter in the /admin/convert/export_z3950.php endpoint.
CVSS Score
9.8
EPSS Score
0.013
Published
2024-02-21
SQL injection vulnerability in PMB v.7.4.7 and earlier allows a remote attacker to execute arbitrary code via the thesaurus parameter in export_skos.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-02-21
File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file.
CVSS Score
7.2
EPSS Score
0.727
Published
2024-01-11
Page 2