Filtered by vendor Pimcore
Subscriptions
Filtered by product Pimcore
Subscriptions
Total
115 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-23340 | 1 Pimcore | 1 Pimcore | 2024-09-17 | 7.1 High |
| This affects the package pimcore/pimcore before 6.8.8. A Local FIle Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller/Reports/CustomReportController.php). An authenticated user can reach this function with a GET request at the following endpoint: /admin/reports/custom-report/download-csv?exportFile=&91;filename]. Since exportFile variable is not sanitized, an attacker can exploit a local file inclusion vulnerability. | ||||
| CVE-2021-23405 | 1 Pimcore | 1 Pimcore | 2024-09-16 | 8.3 High |
| This affects the package pimcore/pimcore before 10.0.7. This issue exists due to the absence of check on the storeId parameter in the method collectionsActionGet and groupsActionGet method within the ClassificationstoreController class. | ||||
| CVE-2020-7759 | 1 Pimcore | 1 Pimcore | 2024-09-16 | 6.5 Medium |
| The package pimcore/pimcore from 6.7.2 and before 6.8.3 are vulnerable to SQL Injection in data classification functionality in ClassificationstoreController. This can be exploited by sending a specifically-crafted input in the relationIds parameter as demonstrated by the following request: http://vulnerable.pimcore.example/admin/classificationstore/relations?relationIds=[{"keyId"%3a"''","groupId"%3a"'asd'))+or+1%3d1+union+(select+1,2,3,4,5,6,name,8,password,'',11,12,'',14+from+users)+--+"}] | ||||
| CVE-2023-47637 | 1 Pimcore | 1 Pimcore | 2024-08-29 | 8.8 High |
| Pimcore is an Open Source Data & Experience Management Platform. In affected versions the `/admin/object/grid-proxy` endpoint calls `getFilterCondition()` on fields of classes to be filtered for, passing input from the request, and later executes the returned SQL. One implementation of `getFilterCondition()` is in `Multiselect`, which does not normalize/escape/validate the passed value. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. This vulnerability has been addressed in version 11.1.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2014-2922 | 1 Pimcore | 1 Pimcore | 2024-08-06 | N/A |
| The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.1.0 does not properly handle an object obtained by unserializing a pathname, which allows remote attackers to conduct PHP object injection attacks and delete arbitrary files via vectors involving a Zend_Http_Response_Stream object. | ||||
| CVE-2014-2921 | 1 Pimcore | 1 Pimcore | 2024-08-06 | N/A |
| The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via vectors involving a Zend_Pdf_ElementFactory_Proxy object and a pathname with a trailing \0 character. | ||||
| CVE-2015-4426 | 1 Pimcore | 1 Pimcore | 2024-08-06 | N/A |
| SQL injection vulnerability in pimcore before build 3473 allows remote attackers to execute arbitrary SQL commands via the filter parameter to admin/asset/grid-proxy. | ||||
| CVE-2015-4425 | 1 Pimcore | 1 Pimcore | 2024-08-06 | N/A |
| Directory traversal vulnerability in pimcore before build 3473 allows remote authenticated users with the "assets" permission to create or write to arbitrary files via a .. (dot dot) in the dir parameter to admin/asset/add-asset-compatibility. | ||||
| CVE-2018-14059 | 1 Pimcore | 1 Pimcore | 2024-08-05 | N/A |
| Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions. | ||||
| CVE-2018-14058 | 1 Pimcore | 1 Pimcore | 2024-08-05 | N/A |
| Pimcore before 5.3.0 allows SQL Injection via the REST web service API. | ||||
| CVE-2018-14057 | 1 Pimcore | 1 Pimcore | 2024-08-05 | N/A |
| Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function. | ||||
| CVE-2019-18985 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 9.8 Critical |
| Pimcore before 6.2.2 lacks brute force protection for the 2FA token. | ||||
| CVE-2019-18982 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 6.1 Medium |
| bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header. | ||||
| CVE-2019-18981 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 9.8 Critical |
| Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. | ||||
| CVE-2019-18986 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 7.5 High |
| Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users. | ||||
| CVE-2019-18656 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 6.1 Medium |
| Pimcore 6.2.3 has XSS in the translations grid because bundles/AdminBundle/Resources/public/js/pimcore/settings/translations.js mishandles certain HTML elements. | ||||
| CVE-2019-16318 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 8.8 High |
| In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317. | ||||
| CVE-2019-16317 | 1 Pimcore | 1 Pimcore | 2024-08-05 | 8.8 High |
| In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerability than CVE-2019-10867 and CVE-2019-16318. | ||||
| CVE-2019-10867 | 1 Pimcore | 1 Pimcore | 2024-08-04 | N/A |
| An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php. | ||||
| CVE-2019-10763 | 1 Pimcore | 1 Pimcore | 2024-08-04 | 6.5 Medium |
| pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a payload for trigger a time based or error based sql injection. | ||||