Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore pimcore vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-2327
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.21.
Pimcore Pimcore
5.4
CVSSv3
CVE-2023-2340
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.21.
Pimcore Pimcore
5.4
CVSSv3
CVE-2023-2343
Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore before 10.5.21.
Pimcore Pimcore
5.4
CVSSv3
CVE-2023-23937
Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. The upload functionality for updating user profile does not properly validate the file content-type, allowing any authenticated user to bypass this security ch...
Pimcore Pimcore
8.8
CVSSv3
CVE-2019-16318
In Pimcore prior to 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2...
Pimcore Pimcore
8.8
CVSSv3
CVE-2019-10867
An issue exists in Pimcore prior to 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controlle...
Pimcore Pimcore
1 EDB exploit
1 Github repository
6.5
CVSSv3
CVE-2020-26246
Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions.
Pimcore Pimcore
5.4
CVSSv3
CVE-2023-1429
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore before 10.5.19.
Pimcore Pimcore
5.4
CVSSv3
CVE-2023-1515
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.19.
Pimcore Pimcore
5.4
CVSSv3
CVE-2023-1704
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.20.
Pimcore Pimcore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »