Filter
-Infinity
0
Trending
composer/pimcore/pimcorePimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient…
9.8
First published (updated )
composer/pimcore/pimcorePimcore before 6.2.2 lacks brute force protection for the 2FA token.
9.8
First published (updated )
Pimcore E-commerce FrameworkRCE vulnerability in Pimcore/Mail & Dynamic Text Layout
9.8
First published (updated )
Pimcore E-commerce FrameworkCross-site Scripting (XSS) - Stored in pimcore/pimcore
First published (updated )
Pimcore E-commerce FrameworkPath Traversal: '\..\filename' in pimcore/pimcore
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore E-commerce FrameworkPrivilege Defined With Unsafe Actions in pimcore/pimcore
8.8
First published (updated )
composer/pimcore/pimcoreSQL Injection in pimcore/pimcore
8.8
First published (updated )
Pimcore E-commerce FrameworkSQL Injection in pimcore/pimcore
8.8
First published (updated )
Pimcore E-commerce FrameworkImproper Neutralization of Formula Elements in a CSV File in pimcore/pimcore
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/pimcoreIn Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file v…
8.8
First published (updated )
composer/pimcore/pimcoreAn issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST…
8.8
First published (updated )
Pimcore E-commerce FrameworkSQL injection in ElementController.php in pimcore/pimcore
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/pimcorePimcore Path Traversal Vulnerability in AssetController:importServerFilesAction
8.8
First published (updated )
Pimcore E-commerce FrameworkAn improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers to execute arbitra…
8.8
First published (updated )
Pimcore E-commerce FrameworkSQL Injection in pimcore/pimcore
8.8
First published (updated )
composer/pimcore/pimcorePimcore SQL Injection Vulnerability in Admin Translations API
8.8
First published (updated )
composer/pimcore/pimcorePimcore SQL Injection Vulnerability in Admin Search Find API
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/pimcorePimcore vulnerable to SQL Injection in Translation Export API
8.8
First published (updated )
composer/pimcore/pimcoreSQL Injection in Admin Grid Filter API in Pimcore
8.8
First published (updated )
Pimcore E-commerce FrameworkChange-Password via Portal-Profile sets PimcoreBackendUser password without hashing
8.7
EPSS
0.01%
First published (updated )
Pimcore E-commerce FrameworkCross-site Scripting (XSS) - Stored in pimcore/pimcore
8.2
First published (updated )
Pimcore E-commerce FrameworkMissing file upload type validation in pimcore/pimcore
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore E-commerce FrameworkCross-site Scripting (XSS) - Stored in pimcore/pimcore
8.1
First published (updated )
Pimcore E-commerce FrameworkImproper Neutralization of Text-Values in Object Version Preview
8
First published (updated )
Pimcore E-commerce FrameworkImproper Encoding or Escaping of Output in Asset Metadata Component
8
First published (updated )
Pimcore E-commerce FrameworkPimcore vulnerable to improper quoting of filters in Custom Reports
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.