What is CVE-2023-46474?

CVE-2023-46474 is a vulnerability in N/a. Published 2024-01-11.

Is CVE-2023-46474 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2023-46474

File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file.

EPSS: 0.727 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

Xn2/CVE-2023-46474
nomi-sec/PoC-in-GitHub

References

pmb.com
github.com/Xn2/CVE-2023-46474

Frequently asked questions

What is CVE-2023-46474?: CVE-2023-46474 is a vulnerability in N/a. Published 2024-01-11.
Is CVE-2023-46474 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.