Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore pimcore vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-1703
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore before 10.5.20.
Pimcore Pimcore
5.4
CVSSv3
CVE-2023-1704
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.20.
Pimcore Pimcore
5.4
CVSSv3
CVE-2023-23937
Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security ch...
Pimcore Pimcore
4.8
CVSSv3
CVE-2023-28106
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, an attacker can use cross-site scripting to send a malicious script to an unsuspecting user. Users may upgrade to version 10.5.19 to receive a patch or, as a workaround, apply the patch m...
Pimcore Pimcore
7.8
CVSSv3
CVE-2023-28108
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, quoting is not done properly in UUID DAO model. There is the theoretical possibility to inject custom SQL if the developer is using this methods with input data and not doing proper input...
Pimcore Pimcore
5.4
CVSSv3
CVE-2022-0348
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore before 10.2.
Pimcore Pimcore
5.4
CVSSv3
CVE-2022-0509
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore before 10.3.1.
Pimcore Pimcore
5.4
CVSSv3
CVE-2022-0510
Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore before 10.3.1.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-30848
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-30849
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, A SQL injection vulnerability exists in the translation export API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually.
Pimcore Pimcore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »