Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2341
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore before 10.5.21.
Pimcore Pimcore
1 Github repository
NA
CVE-2023-2342
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore before 10.5.21.
Pimcore Pimcore
1 Github repository
NA
CVE-2023-2343
Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore before 10.5.21.
Pimcore Pimcore
NA
CVE-2023-2361
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.21.
Pimcore Pimcore
312
VMScore
CVE-2022-0256
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pimcore Pimcore
312
VMScore
CVE-2022-0285
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore before 10.2.9.
Pimcore Pimcore
NA
CVE-2023-3673
SQL Injection in GitHub repository pimcore/pimcore before 10.5.24.
Pimcore Pimcore
668
VMScore
CVE-2019-18981
Pimcore prior to 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.
Pimcore Pimcore
NA
CVE-2023-28106
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, an attacker can use cross-site scripting to send a malicious script to an unsuspecting user. Users may upgrade to version 10.5.19 to receive a patch or, as a workaround, apply the patch m...
Pimcore Pimcore
578
VMScore
CVE-2019-16318
In Pimcore prior to 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2...
Pimcore Pimcore
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »