Filtered by vendor Pimcore
Total: 138 CVEs
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-23340 | 1 Pimcore | 1 Pimcore | 2024-09-17 | 7.1 High |
This affects the package pimcore/pimcore before 6.8.8. A Local File Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this function with a GET request to the endpoint /admin/reports/custom-report/download-csv?exportFile=[filename]. Since the exportFile variable is not sanitized, an attacker can exploit it to include local files. | ||||
CVE-2021-31869 | 1 Pimcore | 1 Adminbundle | 2024-09-17 | 6.5 Medium |
Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product. | ||||
CVE-2021-23405 | 1 Pimcore | 1 Pimcore | 2024-09-16 | 8.3 High |
This affects the package pimcore/pimcore before 10.0.7. The issue exists because there is no check on the storeId parameter in the collectionsActionGet and groupsActionGet methods of the ClassificationstoreController class. | ||||
CVE-2020-7759 | 1 Pimcore | 1 Pimcore | 2024-09-16 | 6.5 Medium |
The package pimcore/pimcore from 6.7.2 and before 6.8.3 is vulnerable to SQL Injection in the data classification functionality of ClassificationstoreController. It can be exploited by sending specifically crafted input in the relationIds parameter, as demonstrated by the following request: http://vulnerable.pimcore.example/admin/classificationstore/relations?relationIds=[{"keyId"%3a"''","groupId"%3a"'asd'))+or+1%3d1+union+(select+1,2,3,4,5,6,name,8,password,'',11,12,'',14+from+users)+--+"}] | ||||
CVE-2021-31867 | 1 Pimcore | 1 Customer Management Framework | 2024-09-16 | 6.5 Medium |
Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product. | ||||
CVE-2023-5844 | 1 Pimcore | 1 Admin Classic Bundle | 2024-09-06 | 7.2 High |
Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. | ||||
CVE-2023-46722 | 1 Pimcore | 1 Admin Classic Bundle | 2024-09-05 | 6.1 Medium |
The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability could be used to steal a user's cookie and gain unauthorized access to that user's account, or to redirect users to malicious sites. Users should upgrade to version 1.2.0 to receive a patch or, as a workaround, apply the patch manually. | ||||
CVE-2023-47637 | 1 Pimcore | 1 Pimcore | 2024-08-29 | 8.8 High |
Pimcore is an Open Source Data & Experience Management Platform. In affected versions the `/admin/object/grid-proxy` endpoint calls `getFilterCondition()` on fields of classes to be filtered for, passing input from the request, and later executes the returned SQL. One implementation of `getFilterCondition()` is in `Multiselect`, which does not normalize/escape/validate the passed value. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. This vulnerability has been addressed in version 11.1.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
CVE-2023-47636 | 1 Pimcore | 1 Admin Classic Bundle | 2024-08-29 | 5.3 Medium |
The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure (FPD) vulnerabilities let an attacker learn the path to the webroot or to a file, e.g. /home/omg/htdocs/file/. Certain attacks, such as using load_file() within a SQL injection to read page source, require the full path to the target file. In Pimcore's case, the fopen() call here has no error handling for a file that does not exist on the server, so the error response reveals the full path: "fopen(/var/www/html/var/tmp/export-{unique id}.csv)". This issue has been patched in commit `10d178ef771`, which is included in release version 1.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
CVE-2014-2922 | 1 Pimcore | 1 Pimcore | 2024-08-06 | N/A |
The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.1.0 does not properly handle an object obtained by unserializing a pathname, which allows remote attackers to conduct PHP object injection attacks and delete arbitrary files via vectors involving a Zend_Http_Response_Stream object. | ||||
CVE-2014-2921 | 1 Pimcore | 1 Pimcore | 2024-08-06 | N/A |
The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via vectors involving a Zend_Pdf_ElementFactory_Proxy object and a pathname with a trailing \0 character. | ||||
CVE-2015-4426 | 1 Pimcore | 1 Pimcore | 2024-08-06 | N/A |
SQL injection vulnerability in pimcore before build 3473 allows remote attackers to execute arbitrary SQL commands via the filter parameter to admin/asset/grid-proxy. | ||||
CVE-2015-4425 | 1 Pimcore | 1 Pimcore | 2024-08-06 | N/A |
Directory traversal vulnerability in pimcore before build 3473 allows remote authenticated users with the "assets" permission to create or write to arbitrary files via a .. (dot dot) in the dir parameter to admin/asset/add-asset-compatibility. | ||||
CVE-2018-14059 | 1 Pimcore | 1 Pimcore | 2024-08-05 | N/A |
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions. | ||||
CVE-2018-14058 | 1 Pimcore | 1 Pimcore | 2024-08-05 | N/A |
Pimcore before 5.3.0 allows SQL Injection via the REST web service API. | ||||
CVE-2018-14057 | 1 Pimcore | 1 Pimcore | 2024-08-05 | N/A |
Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks because the X-pimcore-csrf-token anti-CSRF token is validated only in the "Settings > Users / Roles" function. | ||||
CVE-2019-18985 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 9.8 Critical |
Pimcore before 6.2.2 lacks brute force protection for the 2FA token. | ||||
CVE-2019-18982 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 6.1 Medium |
bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header. | ||||
CVE-2019-18981 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 9.8 Critical |
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. | ||||
CVE-2019-18986 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 7.5 High |
Pimcore before 6.2.2 allows attackers to brute-force (guess) valid usernames through the 'forgot password' functionality, which returns distinct messages for an invalid password and a non-existent user. | ||||
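
CVE-2021-23340 (an unsanitized exportFile value reaching downloadCsvAction) and CVE-2023-47636 (an unguarded fopen() on a missing export printing its full path) are two sides of the same file-download handler, and one remedy covers both: accept only a strict export-file name, confirm the canonical path stays inside the export directory, and turn a missing file into a generic error before any filesystem function can complain. The block below is an added example written for this page, not Pimcore's code, and in Python rather than PHP to keep the logic language-neutral. Everything in it is an assumption except the `var/tmp/export-{unique id}.csv` location quoted in the CVE text: the `export-<id>.csv` name alphabet, the sandbox directory, the sample files and the probe inputs are all constructed for the demo.

```python
import os
import re
import tempfile

# Only names of the form export-<id>.csv are accepted. The var/tmp/export-{unique id}.csv
# location comes from the CVE-2023-47636 text; the id alphabet here is an assumption.
EXPORT_NAME_RE = re.compile(r"export-[A-Za-z0-9_-]{1,64}\.csv")


class ExportError(Exception):
    """Client-safe failure: the message never contains a filesystem path."""


def resolve_export_path(export_dir, export_file):
    """Map the request's exportFile value onto a file inside export_dir, or raise ExportError.

    1. Strict name pattern: no directory separators, no embedded NUL, no '..',
       so '../../etc/passwd' and absolute paths never reach the filesystem.
    2. Canonical containment: after realpath(), the file's parent must be the
       export directory itself (catches symlinks that point outside it).
    3. Existence is checked here, so a missing file yields a generic message
       rather than an fopen()-style warning that prints the full server path.
    """
    if not isinstance(export_file, str) or not EXPORT_NAME_RE.fullmatch(export_file):
        raise ExportError("invalid export file name")
    base = os.path.realpath(export_dir)
    candidate = os.path.realpath(os.path.join(base, export_file))
    if os.path.dirname(candidate) != base:
        raise ExportError("invalid export file name")
    if not os.path.isfile(candidate):
        raise ExportError("export not found")
    return candidate


def download_csv(export_dir, export_file):
    """What a controller would return: (http_status, body). Error bodies carry no path."""
    try:
        path = resolve_export_path(export_dir, export_file)
    except ExportError as err:
        return 404, str(err)
    with open(path, "rb") as fh:
        return 200, fh.read()


def demo():
    """Constructed sandbox: one legitimate export plus a secret outside the export dir."""
    root = tempfile.mkdtemp()
    export_dir = os.path.join(root, "var", "tmp")
    os.makedirs(export_dir)
    with open(os.path.join(export_dir, "export-abc123.csv"), "w") as fh:
        fh.write("id,name\n1,alice\n")
    with open(os.path.join(root, "secret.txt"), "w") as fh:
        fh.write("db_password=hunter2\n")
    # A symlink inside the export dir that escapes it: the name check passes, step 2 must not.
    os.symlink(os.path.join(root, "secret.txt"), os.path.join(export_dir, "export-link.csv"))
    probes = (
        "export-abc123.csv",            # legitimate
        "../../secret.txt",             # classic traversal
        "/etc/passwd",                  # absolute path
        "export-abc123.csv\x00.txt",    # NUL-byte truncation trick
        "export-missing.csv",           # well-formed but absent: must not leak the path
        "export-link.csv",              # symlink escaping the directory
    )
    return {name: download_csv(export_dir, name) for name in probes}


if __name__ == "__main__":
    for name, (status, body) in demo().items():
        print("%-30r -> %d %r" % (name, status, body))
```

The second check is deliberately kept even though the name pattern already excludes separators: if the pattern is ever loosened, or the directory contains a symlink, containment of the canonical path is what still holds. The missing-file branch returns "export not found" with no path in it, which is exactly the information the FPD issue was leaking.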
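
CVE-2020-7759 is the one entry above that shows its payload: a JSON list in relationIds whose groupId value closes the quoted string, appends `or 1=1`, UNIONs a SELECT from the users table and comments out the rest. The example below, added for this page and not taken from Pimcore, reproduces the vulnerable shape against a constructed SQLite table so the UNION can be seen returning a password hash, then shows the hardened form: every id is required to be a non-negative integer before any SQL exists, and the query binds parameters. The same rule is the generic remedy for the single-id injections listed only by parameter name (specificID, storeId, $id). The table layout, column names, sample rows and the shortened payload (same structure as the CVE request, column count reduced to fit the demo table) are all assumptions.

```python
import json
import re
import sqlite3

INT_RE = re.compile(r"[0-9]{1,18}")


def make_demo_db():
    """Constructed in-memory stand-in for a relations table and a users table
    (column names chosen for the demo; not Pimcore's schema)."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE relations (keyId INTEGER, groupId INTEGER, name TEXT);
        INSERT INTO relations VALUES (1, 10, 'colour'), (2, 10, 'size'), (3, 20, 'weight');
        CREATE TABLE users (id INTEGER, name TEXT, password TEXT);
        INSERT INTO users VALUES (1, 'admin', '$2y$10$hash-of-admin');
    """)
    return con


def relations_unsafe(con, relation_ids_json):
    """Vulnerable shape: the request's keyId/groupId strings are spliced into the SQL text."""
    conds = ["(keyId = '%s' AND groupId = '%s')" % (r["keyId"], r["groupId"])
             for r in json.loads(relation_ids_json)]
    sql = "SELECT keyId, groupId, name FROM relations WHERE " + " OR ".join(conds)
    return con.execute(sql).fetchall()


def parse_relation_ids(relation_ids_json):
    """Hardened parsing: each entry must be an object whose keyId and groupId are
    non-negative integers (JSON numbers or digit-only strings). Anything else is
    rejected before any SQL is built; the same rule applies to a lone id such as
    storeId or specificID."""
    rels = json.loads(relation_ids_json)
    if not isinstance(rels, list):
        raise ValueError("relationIds must be a JSON list")
    pairs = []
    for rel in rels:
        if not isinstance(rel, dict):
            raise ValueError("each relation must be an object")
        ids = []
        for field in ("keyId", "groupId"):
            v = rel.get(field)
            if isinstance(v, bool):            # bool is an int subclass; refuse it explicitly
                raise ValueError("%s must be an integer" % field)
            if isinstance(v, int) and v >= 0:
                ids.append(v)
            elif isinstance(v, str) and INT_RE.fullmatch(v):
                ids.append(int(v))
            else:
                raise ValueError("%s must be an integer" % field)
        pairs.append(tuple(ids))
    return pairs


def relations_safe(con, relation_ids_json):
    """Same lookup with validated ids bound as parameters; no request text reaches the SQL."""
    pairs = parse_relation_ids(relation_ids_json)
    if not pairs:
        return []
    sql = ("SELECT keyId, groupId, name FROM relations WHERE "
           + " OR ".join(["(keyId = ? AND groupId = ?)"] * len(pairs)))
    params = [v for pair in pairs for v in pair]
    return con.execute(sql, params).fetchall()


LEGIT = '[{"keyId": 1, "groupId": 10}, {"keyId": "3", "groupId": "20"}]'
# Constructed payload with the same structure as the CVE-2020-7759 request (break out
# of the quoted value, OR 1=1, UNION a SELECT from users, comment out the tail);
# the column count is reduced to match the demo table.
PAYLOAD = '[{"keyId": "x", "groupId": "x\') OR 1=1 UNION SELECT id, name, password FROM users -- "}]'

if __name__ == "__main__":
    print("unsafe:", relations_unsafe(make_demo_db(), PAYLOAD))
    print("safe  :", relations_safe(make_demo_db(), LEGIT))
    try:
        relations_safe(make_demo_db(), PAYLOAD)
    except ValueError as err:
        print("safe rejects payload:", err)
```

Validation and parameter binding are both kept: binding alone would stop the injection, but rejecting non-integer ids up front also keeps bad values out of any later code path (logging, caching, a second query) that might build SQL differently.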
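
CVE-2019-18985 says only that the 2FA token lacked brute-force protection. The added example below (written for this page, not Pimcore code; Python rather than PHP) shows what that means in practice: with a six-digit token space and no lockout, a simulated attacker walking the space in order reaches the valid token in a few hundred thousand calls, while a small consecutive-failure lockout stops the same walk after a handful of attempts. The valid token is injected rather than derived (a real implementation computes it with TOTP), the thresholds of 5 failures and 300 seconds are chosen for the demo, and the clock is injectable so the lockout expiry can be exercised offline; all of these are assumptions.

```python
import hmac
import time


class TwoFactorVerifier:
    """Second-factor check with failure lockout, the protection CVE-2019-18985 says was missing.

    expected_token:  callable(username) -> str, the token valid right now (injected here;
                     a real implementation derives it with TOTP).
    max_failures:    consecutive bad tokens before the account is locked
                     (None = never lock, i.e. the vulnerable behaviour).
    lockout_seconds: how long the lock lasts once triggered.
    now:             clock, injectable for testing.
    """

    def __init__(self, expected_token, max_failures=5, lockout_seconds=300, now=time.time):
        self._expected = expected_token
        self._max_failures = max_failures
        self._lockout = lockout_seconds
        self._now = now
        self._state = {}  # username -> {"failures": int, "locked_until": float}

    def verify(self, username, submitted):
        st = self._state.setdefault(username, {"failures": 0, "locked_until": 0.0})
        now = self._now()
        if now < st["locked_until"]:
            return "locked"          # even a correct token is refused while locked
        expected = self._expected(username).encode()
        # Constant-time comparison so the check itself leaks no partial-match timing.
        if hmac.compare_digest(expected, str(submitted).encode()):
            st["failures"] = 0
            return "ok"
        st["failures"] += 1
        if self._max_failures is not None and st["failures"] >= self._max_failures:
            st["failures"] = 0
            st["locked_until"] = now + self._lockout
            return "locked"
        return "invalid"


def brute_force(verifier, username, max_attempts=1_000_000):
    """Simulated attacker walking the 6-digit token space in order.
    Returns (outcome, attempts_made)."""
    for i in range(max_attempts):
        result = verifier.verify(username, "%06d" % i)
        if result == "ok":
            return "cracked", i + 1
        if result == "locked":
            return "locked", i + 1
    return "exhausted", max_attempts


if __name__ == "__main__":
    # Assumption for the demo: the currently valid token is 123456.
    token = lambda user: "123456"
    print("no lockout :", brute_force(TwoFactorVerifier(token, max_failures=None), "admin"))
    print("lockout=5  :", brute_force(TwoFactorVerifier(token, max_failures=5), "admin"))
```

The lock is keyed per account rather than per source address, because a token brute force is typically spread over many addresses; a per-address limit can be layered on top but does not replace this. Note that the lock also rejects the correct token until it expires, which is the point: the attacker must not be able to confirm a hit during the locked window.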