Vulnerabilities > Pimcore

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2024-24822 Missing Authorization vulnerability in Pimcore Admin Classic Bundle
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore.
network
low complexity
pimcore CWE-862
critical
9.1
2024-01-24 CVE-2024-23646 SQL Injection vulnerability in Pimcore Admin Classic Bundle
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore.
network
low complexity
pimcore CWE-89
8.8
2024-01-24 CVE-2024-23648 Injection vulnerability in Pimcore Admin Classic Bundle
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore.
network
low complexity
pimcore CWE-74
8.8
2024-01-11 CVE-2024-21665 Unspecified vulnerability in Pimcore E-Commerce Framework
ecommerce-framework-bundle is the Pimcore Ecommerce Framework Bundle.
network
low complexity
pimcore
4.3
2024-01-11 CVE-2024-21666 Improper Access Control vulnerability in Pimcore Customer Management Framework
The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management, segmentation, personalization and marketing automation.
network
low complexity
pimcore CWE-284
6.5
2024-01-11 CVE-2024-21667 Improper Access Control vulnerability in Pimcore Customer Management Framework
pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore.
network
low complexity
pimcore CWE-284
6.5
2023-11-30 CVE-2023-49076 Cross-Site Request Forgery (CSRF) vulnerability in Pimcore
Customer-data-framework allows management of customer data within Pimcore.
network
low complexity
pimcore CWE-352
6.5
2023-11-28 CVE-2023-49075 Use of Single-factor Authentication vulnerability in Pimcore Admin Classic Bundle
The Admin Classic Bundle provides a Backend UI for Pimcore.
network
low complexity
pimcore CWE-308
7.2
2023-11-15 CVE-2023-47636 Information Exposure Through an Error Message vulnerability in Pimcore Admin Classic Bundle
The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore.
network
low complexity
pimcore CWE-209
5.3
2023-11-15 CVE-2023-47637 SQL Injection vulnerability in Pimcore
Pimcore is an Open Source Data & Experience Management Platform.
network
low complexity
pimcore CWE-89
8.8