Pimcore
by Pimcore
Source repositories
CVEs (122)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-2361 | 0.00 | — | 0.00 | Apr 28, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-30852 | 0.00 | — | 0.01 | Apr 27, 2023 | Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the `/admin/misc/script-proxy` API endpoint that is accessible by an authenticated administrator user is vulnerable to arbitrary JavaScript and CSS file read via the `scriptPath` and… | |||
| CVE-2023-30850 | 0.00 | — | 0.01 | Apr 27, 2023 | Pimcore is an open source data and experience management platform. Prior to version 10.5.21, a SQL Injection vulnerability exists in the admin translations API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually. | |||
| CVE-2023-30849 | 0.00 | — | 0.01 | Apr 27, 2023 | Pimcore is an open source data and experience management platform. Prior to version 10.5.21, A SQL injection vulnerability exists in the translation export API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually. | |||
| CVE-2023-30848 | 0.00 | — | 0.01 | Apr 27, 2023 | Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually. | |||
| CVE-2023-2327 | 0.00 | — | 0.00 | Apr 27, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2341 | 0.00 | — | 0.01 | Apr 27, 2023 | Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2336 | 0.00 | — | 0.01 | Apr 27, 2023 | Path Traversal in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2338 | 0.00 | — | 0.01 | Apr 27, 2023 | SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2323 | 0.00 | — | 0.01 | Apr 27, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2328 | 0.00 | — | 0.00 | Apr 27, 2023 | Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2343 | 0.00 | — | 0.00 | Apr 27, 2023 | Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2342 | 0.00 | — | 0.00 | Apr 27, 2023 | Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2340 | 0.00 | — | 0.00 | Apr 27, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2322 | 0.00 | — | 0.01 | Apr 27, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-2339 | 0.00 | — | 0.01 | Apr 27, 2023 | Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. | |||
| CVE-2023-1704 | 0.00 | — | 0.00 | Mar 29, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20. | |||
| CVE-2023-1702 | 0.00 | — | 0.00 | Mar 29, 2023 | Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. | |||
| CVE-2023-1703 | 0.00 | — | 0.00 | Mar 29, 2023 | Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. | |||
| CVE-2023-1701 | 0.00 | — | 0.00 | Mar 29, 2023 | Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20. |
- CVE-2023-2361Apr 28, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-30852Apr 27, 2023risk 0.00cvss —epss 0.01
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the `/admin/misc/script-proxy` API endpoint that is accessible by an authenticated administrator user is vulnerable to arbitrary JavaScript and CSS file read via the `scriptPath` and…
- CVE-2023-30850Apr 27, 2023risk 0.00cvss —epss 0.01
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, a SQL Injection vulnerability exists in the admin translations API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually.
- CVE-2023-30849Apr 27, 2023risk 0.00cvss —epss 0.01
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, A SQL injection vulnerability exists in the translation export API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually.
- CVE-2023-30848Apr 27, 2023risk 0.00cvss —epss 0.01
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually.
- CVE-2023-2327Apr 27, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2341Apr 27, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2336Apr 27, 2023risk 0.00cvss —epss 0.01
Path Traversal in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2338Apr 27, 2023risk 0.00cvss —epss 0.01
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2323Apr 27, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2328Apr 27, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2343Apr 27, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2342Apr 27, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2340Apr 27, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2322Apr 27, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-2339Apr 27, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.
- CVE-2023-1704Mar 29, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20.
- CVE-2023-1702Mar 29, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.
- CVE-2023-1703Mar 29, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.
- CVE-2023-1701Mar 29, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20.
Page 3 of 7