High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-16	CVE-2023-28108	Unspecified vulnerability in Pimcore Pimcore is an open source data and experience management platform. local low complexity pimcore	7.8
2023-02-13	CVE-2023-25240	Unspecified vulnerability in Pimcore 10.5.15 An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers to execute arbitrary code. network low complexity pimcore	8.8
2022-06-27	CVE-2022-31092	Unspecified vulnerability in Pimcore Pimcore is an Open Source Data & Experience Management Platform. network high complexity pimcore	8.1
2022-04-22	CVE-2022-1429	SQL Injection vulnerability in Pimcore SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6. network low complexity pimcore CWE-89	7.5
2022-04-13	CVE-2022-1339	Unspecified vulnerability in Pimcore SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. network low complexity pimcore	7.5
2022-04-08	CVE-2022-1219	Unspecified vulnerability in Pimcore SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. network low complexity pimcore	7.5
2022-01-18	CVE-2022-0263	Unspecified vulnerability in Pimcore Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7. local low complexity pimcore	7.8
2022-01-17	CVE-2022-0258	Unspecified vulnerability in Pimcore pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command network low complexity pimcore	8.8
2021-08-18	CVE-2021-37702	Unspecified vulnerability in Pimcore Pimcore is an open source data & experience management platform. network low complexity pimcore	8.8
2021-08-04	CVE-2021-31867	SQL Injection vulnerability in Pimcore Customer Management Framework Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. network low complexity pimcore CWE-89	7.5