Vulmon
pimcore vulnerabilities and exploits
6.5
CVSSv2
CVE-2019-16318
In Pimcore prior to 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2...
Pimcore Pimcore
5.5
CVSSv2
CVE-2022-0665
Path Traversal in GitHub repository pimcore/pimcore before 10.3.2.
Pimcore Pimcore
3.5
CVSSv2
CVE-2022-0894
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.4.0.
Pimcore Pimcore
6.5
CVSSv2
CVE-2019-10867
An issue exists in Pimcore prior to 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controlle...
Pimcore Pimcore
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2021-4081
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pimcore Pimcore
4.3
CVSSv2
CVE-2021-4082
pimcore is vulnerable to Cross-Site Request Forgery (CSRF)
Pimcore Pimcore
3.5
CVSSv2
CVE-2022-0831
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.3.3.
Pimcore Pimcore
3.5
CVSSv2
CVE-2022-0893
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.4.0.
Pimcore Pimcore
3.5
CVSSv2
CVE-2022-0911
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.4.0.
Pimcore Pimcore
5
CVSSv2
CVE-2022-1219
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore before 10.3.5. This vulnerability is capable of stealing the data.
Pimcore Pimcore