Filter
Software
Pimcore PimcoreChange-Password via Portal-Profile sets PimcoreBackendUser password without hashing
8.7
First published (updated )
composer/pimcore/pimcorePimcore Vulnerable to Flooding Server with Thumbnail files
7.5
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle permissions are not getting checked when working with tags
9.1
EPSS
0.06%
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle SQL Injection in Admin download files as zip
8.8
EPSS
0.06%
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle host header injection in the password reset
8.8
EPSS
0.09%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/customer-management-framework-bundlepimcore/customer-data-framework is the Customer Management Framework for management of customer data…
6.5
EPSS
0.05%
First published (updated )
composer/pimcore/customer-management-framework-bundleThe Customer Management Framework (CMF) for Pimcore adds functionality for customer data management,…
6.5
EPSS
0.05%
First published (updated )
composer/pimcore/ecommerce-framework-bundleecommerce-framework-bundle is the Pimcore Ecommerce Framework Bundle. An authenticated and unauthori…
4.3
EPSS
0.05%
First published (updated )
Pimcore PimcorePimcore missing token/header to prevent CSRF
6.5
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls
8.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/pimcoreSQL Injection in Admin Grid Filter API in Pimcore
8.8
First published (updated )
composer/pimcore/admin-ui-classic-bundleFull Path Disclosure via re-export document in pimcore/admin-ui-classic-bundle
5.3
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews
6.1
First published (updated )
composer/pimcore/pimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore
5.4
EPSS
0.09%
First published (updated )
composer/pimcore/admin-ui-classic-bundleUnverified Password Change in pimcore/admin-ui-classic-bundle
7.2
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore CoreExcessive Data Query Operations in a Large Data Table in pimcore/demo
6.5
First published (updated )
composer/pimcore/admin-ui-classic-bundleCross-site Scripting (XSS) in pimcore admin-ui-classic-bundle translations
5.4
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore
6.4
First published (updated )
composer/pimcore/pimcorePimcore Path Traversal Vulnerability in AssetController:importServerFilesAction
8.8
First published (updated )
composer/pimcore/customer-management-framework-bundleCross-site Scripting (XSS) - Stored in pimcore/customer-data-framework
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore
6.1
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore
6.1
First published (updated )
Pimcore PimcoreSQL Injection in pimcore/pimcore
7.2
EPSS
0.05%
First published (updated )
Pimcore PimcoreExposure of Sensitive Information to an Unauthorized Actor in pimcore/pimcore
7.6
EPSS
0.07%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore Admin Classic BundlePimcore admin UI vulnerable to Cross-site Scripting in two factor authentication setup page
6.1
First published (updated )
Pimcore Customer Management FrameworkImproper Authorization in pimcore/customer-data-framework
6.5
First published (updated )
Pimcore PimcorePath Traversal: '\..\filename' in pimcore/pimcore
8.8
First published (updated )
Pimcore PimcorePrivilege Defined With Unsafe Actions in pimcore/pimcore
8.8
First published (updated )
Pimcore Customer-data-frameworkStoring Passwords in a Recoverable Format in pimcore/customer-data-framework
6.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore Customer Management FrameworkSQL Injection in pimcore/customer-data-framework
7.2
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore
6.3
First published (updated )
Pimcore Customer Management FrameworkPimcore vulnerable to Business Logic Errors in Customer automation rules
4.3
First published (updated )
Pimcore Customer Management FrameworkImproper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework
7.8
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore
5.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore PimcoreCross-site Scripting (XSS) - DOM in pimcore/pimcore
6.8
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore
6.8
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Generic in pimcore/pimcore
6.8
First published (updated )
Pimcore PimcorePimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php
7.5
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore
6.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/pimcoreStored Cross-site Scripting (XSS) in pimcore/pimcore
4.8
First published (updated )
Pimcore PimcorePimcore Arbitrary File Read in Admin JS CSS files
4.9
First published (updated )
Pimcore PimcorePimcore SQL Injection Vulnerability in Admin Translations API
8.8
First published (updated )
Pimcore PimcorePimcore vulnerable to SQL Injection in Translation Export API
8.8
First published (updated )
Pimcore PimcorePimcore SQL Injection Vulnerability in Admin Search Find API
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/pimcoreCross-site Scripting (XSS) - Generic in pimcore/pimcore
7.3
First published (updated )
composer/pimcore/pimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore
6.1
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore
6.1
First published (updated )
composer/pimcore/pimcoreSQL Injection in pimcore/pimcore
8.8
First published (updated )
composer/pimcore/pimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.