Pimcore Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by pimcore
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Pimcore Thumbnail Generation Vulnerability
CVE-2024-32871PimcorePimcore7.5HIGHPotential Security Vulnerability in Pimcore's Admin Classic Bundle
CVE-2024-25625PimcoreAdmin-ui-classic-bundle8.1HIGHPimcore Admin Classic Bundle SQL Injection in Admin download files as zip
CVE-2024-23646pimcoreadmin-ui-classic-bundle8.8HIGHPimcore Admin Classic Bundle host header injection in the password reset
CVE-2024-23648pimcoreadmin-ui-classic-bundle8.8HIGHPimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls
CVE-2023-49075pimcoreadmin-ui-classic-bundle7.2HIGHSQL Injection in Admin Grid Filter API in Pimcore
CVE-2023-47637PimcorePimcore8.8HIGHExposure of Sensitive Information to an Unauthorized Actor in pimcore/pimcore
CVE-2023-3819PimcorePimcore/pimcore7.6HIGHSQL Injection in pimcore/pimcore
CVE-2023-3820PimcorePimcore/pimcore7.2HIGHSQL Injection in pimcore/pimcore
CVE-2023-3673PimcorePimcore/pimcore7.2HIGHPrivilege Defined With Unsafe Actions in pimcore/pimcore
CVE-2023-2983pimcorepimcore/pimcore8.8HIGHPath Traversal: '\..\filename' in pimcore/pimcore
CVE-2023-2984pimcorepimcore/pimcore8.8HIGHSQL Injection in pimcore/customer-data-framework
CVE-2023-2756PimcorePimcore/customer-data-...7.2HIGHImproper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework
CVE-2023-2629PimcorePimcore/customer-data-...7.8HIGHPimcore SQL Injection Vulnerability in Admin Translations API
CVE-2023-30850PimcorePimcore8.8HIGHPimcore SQL Injection Vulnerability in Admin Search Find API
CVE-2023-30848PimcorePimcore8.8HIGHPimcore vulnerable to SQL Injection in Translation Export API
CVE-2023-30849PimcorePimcore8.8HIGHSQL Injection in pimcore/pimcore
CVE-2023-2338PimcorePimcore/pimcore8.8HIGHPimcore vulnerable to improper quoting of filters in Custom Reports
CVE-2023-28438pimcorepimcore8HIGHSQL Injection in pimcore/pimcore
CVE-2023-1578pimcorepimcore/pimcore8.8HIGHPimcore has improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model
CVE-2023-28108pimcorepimcore7.8HIGHImproper SameSite Attribute Vulnerability in PimCore by PimCore
CVE-2023-25240PimcorePimcore8.8HIGHRCE vulnerability in Pimcore/Mail & Dynamic Text Layout
CVE-2022-39365PimcorePimcore9.8CRITICALSQL injection in pimcore
CVE-2022-31092PimcorePimcore7.5HIGHSQL injection in GridHelperService.php in pimcore/pimcore
CVE-2022-1429pimcorepimcore/pimcore7.5HIGHSQL injection in ElementController.php in pimcore/pimcore
CVE-2022-1339PimcorePimcore/pimcore8.8HIGH