pimcore/pimcore vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2023-3821Mediumpimcore/pimcore: Pimcore Cross-site Scripting vulnerabilityCVE-2023-3673Highpimcore/pimcore: Pimcore SQL Injection vulnerabilityCVE-2023-2984Mediumpimcore/pimcore: Pimcore vulnerable to Pre-Auth Path Traversal in pimcore_log parameterCVE-2023-2983Mediumpimcore/pimcore: Pimcore Privilege Defined With Unsafe Actions vulnerabilityCVE-2023-2730Mediumpimcore/pimcore: Pimcore Cross-site Scripting vulnerabilityCVE-2023-2630Mediumpimcore/pimcore: Pimcore Cross-site Scripting (XSS) vulnerability in Admin TranslationsCVE-2023-2616Mediumpimcore/pimcore: Pimcore Cross-site Scripting (XSS) in Static Routes name fieldCVE-2023-2614Mediumpimcore/pimcore: Pimcore Cross-site Scripting (XSS) in name field of Custom ReportsCVE-2023-2615Mediumpimcore/pimcore: Pimcore Cross-site Scripting (XSS) in Predefined Properties deleteCVE-2023-30855Mediumpimcore/pimcore: Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.phpCVE-2023-2361Mediumpimcore/pimcore: Cross-site Scripting (XSS) in pimcoreCVE-2023-30852Mediumpimcore/pimcore: Arbitrary File Read in Admin JS CSS filesCVE-2023-2340Mediumpimcore/pimcore: Cross-site Scripting (XSS) in DataObject columns gridCVE-2023-2339Mediumpimcore/pimcore: Cross-site Scripting (XSS) in DataObject Any Getter grid operatorCVE-2023-2336Mediumpimcore/pimcore: Path Traversal in Asset "import from server" optionCVE-2023-2332Mediumpimcore/pimcore: Cross-site Scripting (XSS) in Conditions tab of Pricing RulesCVE-2023-2328Mediumpimcore/pimcore: Cross-site Scripting (XSS) in DataObjects QuantityValue Unit DefinitionCVE-2023-2327Mediumpimcore/pimcore: Cross-site Scripting (XSS) in pimcore via DataObject Class date fieldsCVE-2023-2323Mediumpimcore/pimcore: Cross-site Scripting (XSS) in Ecommerce Pricing Rules name fieldCVE-2023-2322Mediumpimcore/pimcore: Cross-site Scripting (XSS) in Document Properties ParameterCVE-2023-2338Highpimcore/pimcore: SQL Injection in AssetControllerCVE-2023-2342Mediumpimcore/pimcore: Cross-site Scripting (XSS) in Website Settings name fieldCVE-2023-2341Mediumpimcore/pimcore: Cross-site Scripting (XSS) in Admin Login too many attempts noticeCVE-2023-2343Mediumpimcore/pimcore: Cross-site Scripting (XSS) in DataObject Classification StoreCVE-2023-30850Highpimcore/pimcore: SQL Injection in Admin Translations API

Stop the waste.
Protect your environment with Kodem.