Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore pimcore vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-2983
Privilege Defined With Unsafe Actions in GitHub repository pimcore/pimcore before 10.5.23.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-30850
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, a SQL Injection vulnerability exists in the admin translations API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-30848
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-30849
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, A SQL injection vulnerability exists in the translation export API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-2338
SQL Injection in GitHub repository pimcore/pimcore before 10.5.21.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-1578
SQL Injection in GitHub repository pimcore/pimcore before 10.5.19.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-25240
An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows malicious users to execute arbitrary code.
Pimcore Pimcore 10.5.15
8.8
CVSSv3
CVE-2022-0258
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
Pimcore Pimcore
8.8
CVSSv3
CVE-2021-37702
Pimcore is an open source data & experience management platform. Prior to version 10.1.1, Data Object CSV import allows formular injection. The problem is patched in 10.1.1. Aside from upgrading, one may apply the patch manually as a workaround.
Pimcore Pimcore
8.8
CVSSv3
CVE-2021-23405
This affects the package pimcore/pimcore prior to 10.0.7. This issue exists due to the absence of check on the storeId parameter in the method collectionsActionGet and groupsActionGet method within the ClassificationstoreController class.
Pimcore Pimcore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »