Filters

composer/pimcore/pimcorePimcore Vulnerable to Flooding Server with Thumbnail files

7.5
First published (updated )

composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle permissions are not getting checked when working with tags

EPSS
0.06%
First published (updated )

composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle SQL Injection in Admin download files as zip

8.8
EPSS
0.06%
First published (updated )

composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle host header injection in the password reset

8.8
EPSS
0.09%
First published (updated )

composer/pimcore/customer-management-framework-bundlepimcore/customer-data-framework is the Customer Management Framework for management of customer data…

EPSS
0.05%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/pimcore/customer-management-framework-bundleThe Customer Management Framework (CMF) for Pimcore adds functionality for customer data management,…

EPSS
0.05%
First published (updated )

composer/pimcore/ecommerce-framework-bundleecommerce-framework-bundle is the Pimcore Ecommerce Framework Bundle. An authenticated and unauthori…

EPSS
0.05%
First published (updated )

Pimcore PimcorePimcore missing token/header to prevent CSRF

First published (updated )

composer/pimcore/admin-ui-classic-bundlePimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls

8.4
First published (updated )

composer/pimcore/pimcoreSQL Injection in Admin Grid Filter API in Pimcore

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/pimcore/admin-ui-classic-bundleFull Path Disclosure via re-export document in pimcore/admin-ui-classic-bundle

First published (updated )

Pimcore Admin Classic BundlePimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews

First published (updated )

Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore

EPSS
0.09%
First published (updated )

Pimcore Admin Classic BundleUnverified Password Change in pimcore/admin-ui-classic-bundle

7.2
EPSS
0.05%
First published (updated )

Pimcore CoreExcessive Data Query Operations in a Large Data Table in pimcore/demo

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/pimcore/admin-ui-classic-bundleCross-site Scripting (XSS) in pimcore admin-ui-classic-bundle translations

First published (updated )

Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore

First published (updated )

composer/pimcore/pimcorePimcore Path Traversal Vulnerability in AssetController:importServerFilesAction

8.8
First published (updated )

composer/pimcore/customer-management-framework-bundleCross-site Scripting (XSS) - Stored in pimcore/customer-data-framework

First published (updated )

Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore

First published (updated )

Pimcore PimcoreSQL Injection in pimcore/pimcore

7.2
EPSS
0.05%
First published (updated )

Pimcore PimcoreExposure of Sensitive Information to an Unauthorized Actor in pimcore/pimcore

7.6
EPSS
0.07%
First published (updated )

Pimcore PimcoreSQL Injection in pimcore/pimcore

7.2
First published (updated )

Pimcore Admin Classic BundlePimcore admin UI vulnerable to Cross-site Scripting in two factor authentication setup page

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Pimcore Customer Management FrameworkImproper Authorization in pimcore/customer-data-framework

First published (updated )

Pimcore PimcorePath Traversal: '\..\filename' in pimcore/pimcore

8.8
First published (updated )

Pimcore PimcorePrivilege Defined With Unsafe Actions in pimcore/pimcore

8.8
First published (updated )

Pimcore Customer-data-frameworkStoring Passwords in a Recoverable Format in pimcore/customer-data-framework

First published (updated )

Pimcore Customer Management FrameworkSQL Injection in pimcore/customer-data-framework

7.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore

First published (updated )

Pimcore Customer Management FrameworkPimcore vulnerable to Business Logic Errors in Customer automation rules

First published (updated )

Pimcore Customer Management FrameworkImproper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework

7.8
First published (updated )

Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore

First published (updated )

Pimcore PimcoreCross-site Scripting (XSS) - DOM in pimcore/pimcore

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore

First published (updated )

Pimcore PimcoreCross-site Scripting (XSS) - Generic in pimcore/pimcore

First published (updated )

Pimcore PimcorePimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php

7.5
First published (updated )

Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore

First published (updated )

Pimcore PimcorePimcore Arbitrary File Read in Admin JS CSS files

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Pimcore PimcorePimcore SQL Injection Vulnerability in Admin Translations API

8.8
First published (updated )

Pimcore PimcorePimcore vulnerable to SQL Injection in Translation Export API

8.8
First published (updated )

Pimcore PimcorePimcore SQL Injection Vulnerability in Admin Search Find API

8.8
First published (updated )

composer/pimcore/pimcoreCross-site Scripting (XSS) - Generic in pimcore/pimcore

7.3
First published (updated )

composer/pimcore/pimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore

First published (updated )

composer/pimcore/pimcoreSQL Injection in pimcore/pimcore

8.8
First published (updated )

composer/pimcore/pimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore

First published (updated )

Pimcore PimcoreCross-site Scripting (XSS) - DOM in pimcore/pimcore

First published (updated )

Pimcore PimcorePath Traversal in pimcore/pimcore

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203