Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-18985
Pimcore prior to 6.2.2 lacks brute force protection for the 2FA token.
Pimcore Pimcore
NA
CVE-2023-30852
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the `/admin/misc/script-proxy` API endpoint that is accessible by an authenticated administrator user is vulnerable to arbitrary JavaScript and CSS file read via the `scriptPath` and `scr...
Pimcore Pimcore
4
CVSSv2
CVE-2020-26246
Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions.
Pimcore Pimcore
NA
CVE-2022-3211
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.6.
Pimcore Pimcore
NA
CVE-2023-1067
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.18.
Pimcore Pimcore
NA
CVE-2023-1704
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.20.
Pimcore Pimcore
3.5
CVSSv2
CVE-2022-0256
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pimcore Pimcore
6.5
CVSSv2
CVE-2022-0258
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
Pimcore Pimcore
3.5
CVSSv2
CVE-2022-0260
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.2.7.
Pimcore Pimcore
4.3
CVSSv2
CVE-2022-0262
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore before 10.2.7.
Pimcore Pimcore
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »