Sigb: community verdicts
3 notable / known-exploited Sigb CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Sigb CVE, see NVD ↗.
- CVE-2023-46474HIGH 7.2EPSS 23%
File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file.
- CVE-2025-61168CRIT 9.8Real · low riskEPSS 0%
An issue in the cms_rest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file.
- CVE-2025-61167MED 6.5EPSS 0%
SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the /opac_css/ajax_selector.php component via the id and datas parameters.