Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pimcore vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2020-7759
The package pimcore/pimcore from 6.7.2 and prior to 6.8.3 are vulnerable to SQL Injection in data classification functionality in ClassificationstoreController. This can be exploited by sending a specifically-crafted input in the relationIds parameter as demonstrated by the follo...
Pimcore Pimcore
NA
CVE-2022-3255
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. Amongst other things, the attacker can: Perform any action within the application that the user can perform. View any information that the user i...
Pimcore Pimcore
445
VMScore
CVE-2022-1219
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore before 10.3.5. This vulnerability is capable of steal the data
Pimcore Pimcore
495
VMScore
CVE-2015-4425
Directory traversal vulnerability in pimcore before build 3473 allows remote authenticated users with the "assets" permission to create or write to arbitrary files via a .. (dot dot) in the dir parameter to admin/asset/add-asset-compatibility.
Pimcore Pimcore -
1 EDB exploit
NA
CVE-2023-1067
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.18.
Pimcore Pimcore
NA
CVE-2023-1115
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.18.
Pimcore Pimcore
NA
CVE-2023-1116
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.18.
Pimcore Pimcore
NA
CVE-2023-1117
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.18.
Pimcore Pimcore
NA
CVE-2023-1286
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore before 10.5.19.
Pimcore Pimcore
NA
CVE-2023-1312
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore before 10.5.19.
Pimcore Pimcore
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »