Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Pimcore Subscribe
Total 75 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1351 1 Pimcore 1 Pimcore 2022-04-21 3.5 LOW 5.4 MEDIUM
Stored XSS in Tooltip in GitHub repository pimcore/pimcore prior to 10.4.
CVE-2022-1339 1 Pimcore 1 Pimcore 2022-04-20 5.0 MEDIUM 7.5 HIGH
SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data
CVE-2022-1219 1 Pimcore 1 Pimcore 2022-04-13 5.0 MEDIUM 7.5 HIGH
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data
CVE-2022-0955 1 Pimcore 1 Data-hub 2022-03-29 3.5 LOW 4.8 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4.
CVE-2022-0704 1 Pimcore 1 Pimcore 2022-03-22 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVE-2022-0911 1 Pimcore 1 Pimcore 2022-03-22 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVE-2022-0705 1 Pimcore 1 Pimcore 2022-03-22 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVE-2022-0893 1 Pimcore 1 Pimcore 2022-03-21 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVE-2022-0894 1 Pimcore 1 Pimcore 2022-03-21 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVE-2022-0831 1 Pimcore 1 Pimcore 2022-03-10 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3.
CVE-2022-0832 1 Pimcore 1 Pimcore 2022-03-10 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3.
CVE-2022-0665 1 Pimcore 1 Pimcore 2022-03-01 5.5 MEDIUM 6.5 MEDIUM
Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2.
CVE-2022-0565 1 Pimcore 1 Pimcore 2022-02-22 5.0 MEDIUM 7.5 HIGH
Exposure of Sensitive Information to an Unauthorized Actor in Packagist pimcore/pimcore prior to 10.3.1.
CVE-2022-0510 1 Pimcore 1 Pimcore 2022-02-11 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1.
CVE-2022-0509 1 Pimcore 1 Pimcore 2022-02-11 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1.
CVE-2022-0348 1 Pimcore 1 Pimcore 2022-02-02 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.
CVE-2022-0251 1 Pimcore 1 Pimcore 2022-02-01 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.10.
CVE-2022-0285 1 Pimcore 1 Pimcore 2022-01-26 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.9.
CVE-2022-0258 1 Pimcore 1 Pimcore 2022-01-25 6.5 MEDIUM 8.8 HIGH
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
CVE-2022-0256 1 Pimcore 1 Pimcore 2022-01-24 3.5 LOW 5.4 MEDIUM
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')