Filter
Software
Pimcore admin-ui-classic-bundleUser enumeration in pimcore/admin-ui-classic-bundle
6.9
EPSS
0.04%
First published (updated )
Pimcore Customer Data FrameworkPimcore customer-data-framework list sql injection
7.2
First published (updated )
Pimcore PimcorePimcore Search Document cross site scripting
5.1
First published (updated )
Pimcore PimcoreChange-Password via Portal-Profile sets PimcoreBackendUser password without hashing
8.7
First published (updated )
composer/pimcore/pimcorePimcore Vulnerable to Flooding Server with Thumbnail files
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle permissions are not getting checked when working with tags
9.1
EPSS
0.06%
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle SQL Injection in Admin download files as zip
8.8
EPSS
0.06%
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle host header injection in the password reset
8.8
EPSS
0.09%
First published (updated )
composer/pimcore/customer-management-framework-bundlepimcore/customer-data-framework is the Customer Management Framework for management of customer data…
6.5
EPSS
0.05%
First published (updated )
composer/pimcore/customer-management-framework-bundleThe Customer Management Framework (CMF) for Pimcore adds functionality for customer data management,…
6.5
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/ecommerce-framework-bundleecommerce-framework-bundle is the Pimcore Ecommerce Framework Bundle. An authenticated and unauthori…
4.3
EPSS
0.05%
First published (updated )
Pimcore PimcorePimcore missing token/header to prevent CSRF
6.5
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls
8.4
First published (updated )
composer/pimcore/pimcoreSQL Injection in Admin Grid Filter API in Pimcore
8.8
First published (updated )
composer/pimcore/admin-ui-classic-bundleFull Path Disclosure via re-export document in pimcore/admin-ui-classic-bundle
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/pimcore/admin-ui-classic-bundlePimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews
6.1
First published (updated )
composer/pimcore/pimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore
5.4
EPSS
0.09%
First published (updated )
composer/pimcore/admin-ui-classic-bundleUnverified Password Change in pimcore/admin-ui-classic-bundle
7.2
EPSS
0.05%
First published (updated )
Pimcore CoreExcessive Data Query Operations in a Large Data Table in pimcore/demo
6.5
First published (updated )
composer/pimcore/admin-ui-classic-bundleCross-site Scripting (XSS) in pimcore admin-ui-classic-bundle translations
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore
6.4
First published (updated )
composer/pimcore/pimcorePimcore Path Traversal Vulnerability in AssetController:importServerFilesAction
8.8
First published (updated )
composer/pimcore/customer-management-framework-bundleCross-site Scripting (XSS) - Stored in pimcore/customer-data-framework
6.5
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Reflected in pimcore/pimcore
6.1
First published (updated )
Pimcore PimcoreCross-site Scripting (XSS) - Stored in pimcore/pimcore
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Pimcore PimcoreSQL Injection in pimcore/pimcore
7.2
EPSS
0.05%
First published (updated )
Pimcore PimcoreExposure of Sensitive Information to an Unauthorized Actor in pimcore/pimcore
7.6
EPSS
0.07%
First published (updated )
composer/pimcore/admin-ui-classic-bundlePimcore admin UI vulnerable to Cross-site Scripting in two factor authentication setup page
6.1
First published (updated )
Pimcore Customer Management FrameworkImproper Authorization in pimcore/customer-data-framework
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.