| CVE-2023-46474 is a file upload vulnerability in PMB (PhpMyBibli) version 7.4.8 that can lead to remote code execution (RCE) and privilege escalation.
An authenticated attacker requiring high privileges can upload a crafted PHP file to the start_import.php endpoint, which the application fails to properly validate, allowing for the execution of arbitrary code on the server. |
