Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2022-1339
SQL injection in ElementController.php in GitHub repository pimcore/pimcore before 10.3.5. This vulnerability is capable of steal the data
Pimcore Pimcore
312
VMScore
CVE-2022-1351
Stored XSS in Tooltip in GitHub repository pimcore/pimcore before 10.4.
Pimcore Pimcore
445
VMScore
CVE-2022-1429
SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore before 10.3.6. This vulnerability is capable of steal the data
Pimcore Pimcore
445
VMScore
CVE-2019-18986
Pimcore prior to 6.2.2 allow malicious users to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.
Pimcore Pimcore
NA
CVE-2023-2983
Privilege Defined With Unsafe Actions in GitHub repository pimcore/pimcore before 10.5.23.
Pimcore Pimcore
NA
CVE-2023-2984
Path Traversal: '\..\filename' in GitHub repository pimcore/pimcore before 10.5.22.
Pimcore Pimcore
445
VMScore
CVE-2021-39189
Pimcore is an open source data & experience management platform. In versions before 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually.
Pimcore Pimcore
NA
CVE-2023-0827
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 1.5.17.
Pimcore Pimcore
NA
CVE-2023-1067
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.18.
Pimcore Pimcore
312
VMScore
CVE-2022-0893
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.4.0.
Pimcore Pimcore
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »