Packagist (Composer) package
aimeos/aimeos-core
pkg:composer/aimeos/aimeos-core
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-37295 | Hig | 7.2 | >= 2024.04.1, < 2024.04.5 | 2024.04.5 | Jun 11, 2024 | Aimeos is an Open Source e-commerce framework for online shops. Starting in version 2024.01.1 and prior to version 2024.04.5, a user with administrative privileges can upload files that look like images but contain PHP code which can then be executed in the context of the web ser | |
| CVE-2024-37294 | Med | 5.5 | >= 2024.04.1, < 2024.04.7 | 2024.04.7 | Jun 11, 2024 | Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos- |
- affected >= 2024.04.1, < 2024.04.5fixed 2024.04.5
Aimeos is an Open Source e-commerce framework for online shops. Starting in version 2024.01.1 and prior to version 2024.04.5, a user with administrative privileges can upload files that look like images but contain PHP code which can then be executed in the context of the web ser
- affected >= 2024.04.1, < 2024.04.7fixed 2024.04.7
Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-