Vulnerabilities > Pimcore

DATE CVE VULNERABILITY TITLE RISK
2023-08-21 CVE-2023-4453 Cross-site Scripting vulnerability in Pimcore
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.8.
network
low complexity
pimcore CWE-79
5.4
2023-08-04 CVE-2023-38708 Path Traversal vulnerability in Pimcore
Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce.
network
low complexity
pimcore CWE-22
8.8
2023-08-03 CVE-2023-4145 Cross-site Scripting vulnerability in Pimcore Customer Data Framework
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2.
network
low complexity
pimcore CWE-79
5.4
2023-07-21 CVE-2023-3819 Information Exposure vulnerability in Pimcore
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pimcore/pimcore prior to 10.6.4.
network
low complexity
pimcore CWE-200
6.5
2023-07-21 CVE-2023-3820 SQL Injection vulnerability in Pimcore
SQL Injection in GitHub repository pimcore/pimcore prior to 10.6.4.
network
low complexity
pimcore CWE-89
7.2
2023-07-21 CVE-2023-3821 Cross-site Scripting vulnerability in Pimcore
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.6.4.
network
low complexity
pimcore CWE-79
5.4
2023-07-21 CVE-2023-3822 Cross-site Scripting vulnerability in Pimcore
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.4.
network
low complexity
pimcore CWE-79
6.1
2023-07-14 CVE-2023-3673 SQL Injection vulnerability in Pimcore
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.24.
network
low complexity
pimcore CWE-89
7.2
2023-07-11 CVE-2023-37280 Cross-site Scripting vulnerability in Pimcore Admin Classic Bundle 1.0.0/1.0.1/1.0.2
Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework.
network
low complexity
pimcore CWE-79
6.1
2023-07-10 CVE-2023-3574 Unspecified vulnerability in Pimcore Customer Management Framework
Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1.
network
low complexity
pimcore
6.5