Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-37177

Published: 21/02/2024 Updated: 22/02/2024

Vulnerability Summary

SQL Injection vulnerability in PMB Services PMB v.7.4.7 and before allows a remote unauthenticated malicious user to execute arbitrary code via the query parameter in the /admin/convert/export_z3950.php endpoint.

References

https://nexacybersecurity.blogspot.com/2024/02/journey-finding-vulnerabilities-in-pmb-library-management-system.htmlhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30043cameraCVE-2023-40404CVE-2024-2793client sideCVE-2024-4469CVE-2024-3565CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook