Filtered by vendor Pimcore
Subscriptions
Filtered by product Pimcore
Subscriptions
Total
115 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-0894 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. | ||||
CVE-2022-0893 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. | ||||
CVE-2022-0832 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. | ||||
CVE-2022-0831 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. | ||||
CVE-2022-0705 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. | ||||
CVE-2022-0704 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. | ||||
CVE-2022-0665 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 6.5 Medium |
Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2. | ||||
CVE-2022-0509 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1. | ||||
CVE-2022-0565 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 7.6 High |
Cross-site Scripting in Packagist pimcore/pimcore prior to 10.3.1. | ||||
CVE-2022-0510 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1. | ||||
CVE-2022-0263 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 7.8 High |
Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7. | ||||
CVE-2022-0256 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
CVE-2022-0285 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.9. | ||||
CVE-2022-0348 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2. | ||||
CVE-2022-0257 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
CVE-2022-0262 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 6.1 Medium |
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.7. | ||||
CVE-2022-0260 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.7. | ||||
CVE-2022-0258 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 8.8 High |
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command | ||||
CVE-2022-0251 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.10. | ||||
CVE-2023-49076 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 4.3 Medium |
Customer-data-framework allows management of customer data within Pimcore. There are no tokens or headers to prevent CSRF attacks from occurring, therefore an attacker could abuse this vulnerability to create new customers. This issue has been patched in version 4.0.5. |