CVE-2014-9457 in PMB
Sumário
de MITRE
SQL injection vulnerability in classes/mono_display.class.php in PMB 4.1.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the id parameter to catalog.php.
Be aware that VulDB is the high quality source for vulnerability data.