Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-0251
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.2.10.
Pimcore Pimcore
9.8
CVSSv3
CVE-2019-18985
Pimcore prior to 6.2.2 lacks brute force protection for the 2FA token.
Pimcore Pimcore
7.5
CVSSv3
CVE-2019-18986
Pimcore prior to 6.2.2 allow malicious users to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.
Pimcore Pimcore
6.5
CVSSv3
CVE-2022-0665
Path Traversal in GitHub repository pimcore/pimcore before 10.3.2.
Pimcore Pimcore
6.5
CVSSv3
CVE-2019-10763
pimcore/pimcore prior to 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and ...
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-2983
Privilege Defined With Unsafe Actions in GitHub repository pimcore/pimcore before 10.5.23.
Pimcore Pimcore
8.8
CVSSv3
CVE-2023-2984
Path Traversal: '\..\filename' in GitHub repository pimcore/pimcore before 10.5.22.
Pimcore Pimcore
5.4
CVSSv3
CVE-2022-0260
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.2.7.
Pimcore Pimcore
7.8
CVSSv3
CVE-2022-0263
Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore before 10.2.7.
Pimcore Pimcore
5.4
CVSSv3
CVE-2022-1351
Stored XSS in Tooltip in GitHub repository pimcore/pimcore before 10.4.
Pimcore Pimcore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »