Vulnerabilities > Pimcore
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-28 | CVE-2023-49075 | Use of Single-factor Authentication vulnerability in Pimcore Admin Classic Bundle The Admin Classic Bundle provides a Backend UI for Pimcore. | 7.2 |
| 2023-11-15 | CVE-2023-47636 | Information Exposure Through an Error Message vulnerability in Pimcore Admin Classic Bundle The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. | 5.3 |
| 2023-11-15 | CVE-2023-47637 | SQL Injection vulnerability in Pimcore Pimcore is an Open Source Data & Experience Management Platform. | 8.8 |
| 2023-10-31 | CVE-2023-46722 | Cross-site Scripting vulnerability in Pimcore Admin Classic Bundle The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. | 6.1 |
| 2023-10-31 | CVE-2023-5873 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 11.1.0. | 5.4 |
| 2023-10-30 | CVE-2023-5844 | Improper Authentication vulnerability in Pimcore Admin Classic Bundle Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. | 7.2 |
| 2023-09-27 | CVE-2023-5192 | Excessive Data Query Operations in a Large Data Table vulnerability in Pimcore Core Excessive Data Query Operations in a Large Data Table in GitHub repository pimcore/demo prior to 10.3.0. | 6.5 |
| 2023-09-25 | CVE-2023-42817 | Cross-site Scripting vulnerability in Pimcore Admin Classic Bundle Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. | 5.4 |
| 2023-08-21 | CVE-2023-4453 | Cross-site Scripting vulnerability in Pimcore Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.8. | 5.4 |
| 2023-08-04 | CVE-2023-38708 | Path Traversal vulnerability in Pimcore Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. | 8.8 |