Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore pimcore vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1701
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore before 10.5.20.
Pimcore Pimcore
NA
CVE-2023-1702
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore before 10.5.20.
Pimcore Pimcore
NA
CVE-2023-1703
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore before 10.5.20.
Pimcore Pimcore
NA
CVE-2023-1704
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.20.
Pimcore Pimcore
6.5
CVSSv2
CVE-2022-0258
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
Pimcore Pimcore
7.5
CVSSv2
CVE-2019-18981
Pimcore prior to 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.
Pimcore Pimcore
4.3
CVSSv2
CVE-2019-18982
bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore prior to 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.
Pimcore Pimcore
5
CVSSv2
CVE-2019-18985
Pimcore prior to 6.2.2 lacks brute force protection for the 2FA token.
Pimcore Pimcore
5
CVSSv2
CVE-2019-18986
Pimcore prior to 6.2.2 allow malicious users to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.
Pimcore Pimcore
4.3
CVSSv2
CVE-2021-4084
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pimcore Pimcore
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »