Security Advisory

CVE-2023-53982

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-23 19:34:11

Last updated 2026-03-05 12:03:25

Assigner VulnCheck

State PUBLISHED

Description

PMB 7.4.6 contains a SQL injection vulnerability in the storage parameter of the ajax.php endpoint that allows remote attackers to manipulate database queries. Attackers can exploit the unsanitized id parameter by injecting conditional sleep statements to extract information or perform time-based blind SQL injection attacks.

← Browse all CVEs View on cve.org ↗