| 0 |
| url |
VCID-1qrb-ra1y-1uf3 |
| vulnerability_id |
VCID-1qrb-ra1y-1uf3 |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.19. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
CVE-2023-1578, GHSA-42c3-wvww-gcqj
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1qrb-ra1y-1uf3 |
|
| 1 |
|
| 2 |
| url |
VCID-23ea-6aqe-37eb |
| vulnerability_id |
VCID-23ea-6aqe-37eb |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.5 |
| purl |
pkg:composer/pimcore/pimcore@10.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 21 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 22 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 23 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 24 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 25 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 26 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 27 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 28 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 29 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 30 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 31 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 32 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 33 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 34 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 35 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 36 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 37 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 38 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 39 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 40 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 41 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 42 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 43 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 44 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 45 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 46 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 47 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 48 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 49 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 50 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 51 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 52 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 53 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 54 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 55 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 56 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 57 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 58 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 59 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 60 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 61 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 62 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 63 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 64 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 65 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 66 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 67 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 68 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.5 |
|
|
| aliases |
CVE-2022-1219, GHSA-6gm7-j668-w6h9
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-23ea-6aqe-37eb |
|
| 3 |
| url |
VCID-29a6-htj3-z3dr |
| vulnerability_id |
VCID-29a6-htj3-z3dr |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.20 |
| purl |
pkg:composer/pimcore/pimcore@10.5.20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 4 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 5 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 6 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 7 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 8 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 9 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 10 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 11 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 12 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 13 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 14 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 15 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 16 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 17 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 18 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 19 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 20 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 21 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 22 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 23 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 24 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 25 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 26 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 27 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 28 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 29 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 30 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 31 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 32 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 33 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 34 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 35 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 36 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20 |
|
| 1 |
|
|
| aliases |
CVE-2023-1702, GHSA-69fc-v223-6rjw, GHSA-6qjm-39vh-729w
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-29a6-htj3-z3dr |
|
| 4 |
|
| 5 |
| url |
VCID-3554-b9ab-rqc9 |
| vulnerability_id |
VCID-3554-b9ab-rqc9 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.14. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.14 |
| purl |
pkg:composer/pimcore/pimcore@10.5.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 5 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 6 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 7 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 8 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 9 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 10 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 11 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 12 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 13 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 14 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 15 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 16 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 17 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 18 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 19 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 20 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 21 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 22 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 23 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 24 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 25 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 26 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 27 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 28 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 29 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 30 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 31 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 32 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 33 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 34 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 35 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 36 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 37 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 38 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 39 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 40 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 41 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 42 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 43 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 44 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 45 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 46 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 47 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 48 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 49 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 50 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 51 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 52 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 53 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 54 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 55 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 56 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 57 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 58 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 59 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 60 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.14 |
|
|
| aliases |
CVE-2023-0323, GHSA-6vf6-g3pr-j83h
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3554-b9ab-rqc9 |
|
| 6 |
| url |
VCID-3qx3-fvbw-3fay |
| vulnerability_id |
VCID-3qx3-fvbw-3fay |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, quoting is not done properly in UUID DAO model. There is the theoretical possibility to inject custom SQL if the developer is using this methods with input data and not doing proper input validation in advance and so relies on the auto-quoting being done by the DAO class. Users should update to version 10.5.19 to receive a patch or, as a workaround, apply the patch manually. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
CVE-2023-28108, GHSA-xc9p-r5qj-8xm9
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3qx3-fvbw-3fay |
|
| 7 |
| url |
VCID-3y83-5tzw-g3h3 |
| vulnerability_id |
VCID-3y83-5tzw-g3h3 |
| summary |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.2 |
| purl |
pkg:composer/pimcore/pimcore@10.3.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 8 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 9 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 10 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 11 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 12 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 13 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 14 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 15 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 16 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 17 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 18 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 19 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 20 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 21 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 22 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 23 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 24 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 25 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 26 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 27 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 28 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 29 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 30 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 31 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 32 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 33 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 34 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 35 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 36 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 37 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 38 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 39 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 40 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 41 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 42 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 43 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 44 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 45 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 46 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 47 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 48 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 49 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 50 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 51 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 52 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 53 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 54 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 55 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 56 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 57 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 58 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 59 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 60 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 61 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 62 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 63 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 64 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 65 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 66 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 67 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 68 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 69 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 70 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 71 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 72 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 73 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.2 |
|
|
| aliases |
CVE-2022-0665, GHSA-gjq4-69wj-p6pr
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3y83-5tzw-g3h3 |
|
| 8 |
| url |
VCID-42wv-rbrs-43eh |
| vulnerability_id |
VCID-42wv-rbrs-43eh |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.7 |
| purl |
pkg:composer/pimcore/pimcore@10.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 11 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 12 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 13 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 14 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 15 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 16 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 17 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 18 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 19 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 20 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 21 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 22 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 23 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 24 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 25 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 26 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 27 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 28 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 29 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 30 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 31 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 32 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 33 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 34 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 35 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 36 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 37 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 38 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 39 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 40 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 41 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 42 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 43 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 44 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 45 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 46 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 47 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 48 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 49 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 50 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 51 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 52 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 53 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 54 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 55 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 56 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 57 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 58 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 59 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 60 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 61 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 62 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 63 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 64 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 65 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 66 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 67 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 68 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 69 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 70 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 71 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 72 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 73 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 74 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 75 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 76 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 77 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 78 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 79 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 80 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 81 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 82 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 83 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 84 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 85 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 86 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.7 |
|
|
| aliases |
CVE-2022-0262, GHSA-4f5x-q4jc-xfcf
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-42wv-rbrs-43eh |
|
| 9 |
| url |
VCID-4p1e-dst2-3yax |
| vulnerability_id |
VCID-4p1e-dst2-3yax |
| summary |
Deserialization of Untrusted Data
In Pimcore an attacker with limited privileges can trigger execution of a .phar file via a `phar://` URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the `phar://../../../../../../../../var/www/html/web/var/assets/` directory. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@5.7.1 |
| purl |
pkg:composer/pimcore/pimcore@5.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-9k8b-a52b-47fx |
|
| 19 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 20 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 21 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 22 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 23 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 24 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 25 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 26 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 27 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 28 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 29 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 30 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 31 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 32 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 33 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 34 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 35 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 36 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 37 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 38 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 39 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 40 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 41 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 42 |
| vulnerability |
VCID-ejnh-57m7-ffab |
|
| 43 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 44 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 45 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 46 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 47 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 48 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 49 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 50 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 51 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 52 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 53 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 54 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 55 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 56 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 57 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 58 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 59 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 60 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 61 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 62 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 63 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 64 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 65 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 66 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 67 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 68 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 69 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 70 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 71 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 72 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 73 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 74 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 75 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 76 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 77 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 78 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 79 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 80 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 81 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 82 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 83 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 84 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 85 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 86 |
| vulnerability |
VCID-umwk-nrvg-6bg5 |
|
| 87 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 88 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 89 |
| vulnerability |
VCID-utnk-dp6a-w3gf |
|
| 90 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 91 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 92 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 93 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 94 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 95 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 96 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 97 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 98 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 99 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 100 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 101 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 102 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 103 |
| vulnerability |
VCID-yq5e-ruk6-9ud2 |
|
| 104 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 105 |
| vulnerability |
VCID-yxfb-p2aw-t3ga |
|
| 106 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 107 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 108 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@5.7.1 |
|
|
| aliases |
CVE-2019-16317, GHSA-352x-hc2f-fwff
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4p1e-dst2-3yax |
|
| 10 |
| url |
VCID-53nb-8vf3-9ubb |
| vulnerability_id |
VCID-53nb-8vf3-9ubb |
| summary |
Pimcore Has an Incomplete Patch for CVE-2023-30848
An **incomplete SQL injection patch** in the Admin Search Find API allows an authenticated attacker to perform **blind SQL injection**.
Although CVE-2023-30848 attempted to mitigate SQL injection by removing SQL comments (--) and catching syntax errors, the fix is insufficient. Attackers can still inject SQL payloads that do not rely on comments and infer database information via blind techniques. This vulnerability affects the admin interface and can lead to **database information disclosure**. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2026-23492, GHSA-qvr7-7g55-69xj
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-53nb-8vf3-9ubb |
|
| 11 |
| url |
VCID-66tj-dw5v-kqdm |
| vulnerability_id |
VCID-66tj-dw5v-kqdm |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.7 |
| purl |
pkg:composer/pimcore/pimcore@10.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 11 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 12 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 13 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 14 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 15 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 16 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 17 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 18 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 19 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 20 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 21 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 22 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 23 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 24 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 25 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 26 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 27 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 28 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 29 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 30 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 31 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 32 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 33 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 34 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 35 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 36 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 37 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 38 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 39 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 40 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 41 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 42 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 43 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 44 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 45 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 46 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 47 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 48 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 49 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 50 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 51 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 52 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 53 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 54 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 55 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 56 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 57 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 58 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 59 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 60 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 61 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 62 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 63 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 64 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 65 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 66 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 67 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 68 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 69 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 70 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 71 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 72 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 73 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 74 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 75 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 76 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 77 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 78 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 79 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 80 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 81 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 82 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 83 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 84 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 85 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 86 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.7 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.2.9 |
| purl |
pkg:composer/pimcore/pimcore@10.2.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 12 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 13 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 14 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 15 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 16 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 17 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 18 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 19 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 20 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 21 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 22 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 23 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 24 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 25 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 26 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.9 |
|
|
| aliases |
CVE-2022-0260, GHSA-455w-gv5p-wgg3
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-66tj-dw5v-kqdm |
|
| 12 |
| url |
VCID-6p5t-7h74-gueh |
| vulnerability_id |
VCID-6p5t-7h74-gueh |
| summary |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Path Traversal in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2336, GHSA-hg77-vx9v-f49x
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6p5t-7h74-gueh |
|
| 13 |
| url |
VCID-6sy7-7q66-g3b2 |
| vulnerability_id |
VCID-6sy7-7q66-g3b2 |
| summary |
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.7 |
| purl |
pkg:composer/pimcore/pimcore@10.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 11 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 12 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 13 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 14 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 15 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 16 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 17 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 18 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 19 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 20 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 21 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 22 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 23 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 24 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 25 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 26 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 27 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 28 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 29 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 30 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 31 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 32 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 33 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 34 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 35 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 36 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 37 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 38 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 39 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 40 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 41 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 42 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 43 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 44 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 45 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 46 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 47 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 48 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 49 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 50 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 51 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 52 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 53 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 54 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 55 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 56 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 57 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 58 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 59 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 60 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 61 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 62 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 63 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 64 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 65 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 66 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 67 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 68 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 69 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 70 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 71 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 72 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 73 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 74 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 75 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 76 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 77 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 78 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 79 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 80 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 81 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 82 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 83 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 84 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 85 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 86 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.7 |
|
|
| aliases |
CVE-2021-4139, GHSA-8xx9-rxrj-2m2w
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6sy7-7q66-g3b2 |
|
| 14 |
| url |
VCID-7km3-dmkc-dygb |
| vulnerability_id |
VCID-7km3-dmkc-dygb |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.8 |
| purl |
pkg:composer/pimcore/pimcore@10.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 12 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 13 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 14 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 15 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 16 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 17 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 18 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 19 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 20 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 21 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 22 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 23 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 24 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 25 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 26 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.8 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.2.9 |
| purl |
pkg:composer/pimcore/pimcore@10.2.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 12 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 13 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 14 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 15 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 16 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 17 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 18 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 19 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 20 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 21 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 22 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 23 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 24 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 25 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 26 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.9 |
|
|
| aliases |
CVE-2022-0258, GHSA-vj9x-w7ch-f46p
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7km3-dmkc-dygb |
|
| 15 |
| url |
VCID-8db4-zxk5-tqab |
| vulnerability_id |
VCID-8db4-zxk5-tqab |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.1 |
| purl |
pkg:composer/pimcore/pimcore@10.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 11 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 12 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 13 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 14 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 15 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 16 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 17 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 18 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 19 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 20 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 21 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 22 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 23 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 24 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 25 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 26 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 27 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 28 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 29 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 30 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 31 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 32 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 33 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 34 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 35 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 36 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 37 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 38 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 39 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 40 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 41 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 42 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 43 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 44 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 45 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 46 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 47 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 48 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 49 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 50 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 51 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 52 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 53 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 54 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 55 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 56 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 57 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 58 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 59 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 60 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 61 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 62 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 63 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 64 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 65 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 66 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 67 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 68 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 69 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 70 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 71 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 72 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 73 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 74 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.1 |
|
|
| aliases |
CVE-2022-0509, GHSA-cg3h-rc9q-g8v9
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8db4-zxk5-tqab |
|
| 16 |
| url |
VCID-8mnw-8egh-cycq |
| vulnerability_id |
VCID-8mnw-8egh-cycq |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored XSS in Packagist pimcore/pimcore. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.9 |
| purl |
pkg:composer/pimcore/pimcore@10.2.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 12 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 13 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 14 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 15 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 16 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 17 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 18 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 19 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 20 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 21 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 22 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 23 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 24 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 25 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 26 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.9 |
|
|
| aliases |
CVE-2022-0285, GHSA-pm3v-qxf6-fgxv
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8mnw-8egh-cycq |
|
| 17 |
| url |
VCID-8p88-g4b6-sfg3 |
| vulnerability_id |
VCID-8p88-g4b6-sfg3 |
| summary |
Duplicate
This advisory duplicates another. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.16 |
| purl |
pkg:composer/pimcore/pimcore@10.5.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 5 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 6 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 7 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 8 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 9 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 10 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 11 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 12 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 13 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 14 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 15 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 16 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 17 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 18 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 19 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 20 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 21 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 22 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 23 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 24 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 25 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 26 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 27 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 28 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 29 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 30 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 31 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 32 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 33 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 34 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 35 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 36 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 37 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 38 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 39 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 40 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 41 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 42 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 43 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 44 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 45 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 46 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 47 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 48 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 49 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 50 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 51 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 52 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 53 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 54 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 55 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 56 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 57 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 58 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 59 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.16 |
|
|
| aliases |
CVE-2023-23937, GHSA-8xv4-jj4h-qww6, GMS-2023-222
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8p88-g4b6-sfg3 |
|
| 18 |
| url |
VCID-91fn-ycss-c3c1 |
| vulnerability_id |
VCID-91fn-ycss-c3c1 |
| summary |
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.6 |
| purl |
pkg:composer/pimcore/pimcore@10.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 18 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 19 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 20 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 21 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 22 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 23 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 24 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 25 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 26 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 27 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 28 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 29 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 30 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 31 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 32 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 33 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 34 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 35 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 36 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 37 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 38 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 39 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 40 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 41 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 42 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 43 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 44 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 45 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 46 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 47 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 48 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 49 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 50 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 51 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 52 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 53 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 54 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 55 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 56 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 57 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 58 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 59 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 60 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 61 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 62 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 63 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 64 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 65 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 66 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 67 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 68 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 69 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 70 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 71 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 72 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 73 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 74 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 75 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 76 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 77 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 78 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 79 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 80 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 81 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 82 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 83 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 84 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 85 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 86 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 87 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 88 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 89 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 90 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.6 |
|
|
| aliases |
CVE-2021-4084, GHSA-8w3x-r6x7-c5r5
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-91fn-ycss-c3c1 |
|
| 19 |
| url |
VCID-9k8b-a52b-47fx |
| vulnerability_id |
VCID-9k8b-a52b-47fx |
| summary |
Path Traversal
A Local FIle Inclusion vulnerability exists in the downloadCsvAction function of the `CustomReportController` class. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@6.8.8 |
| purl |
pkg:composer/pimcore/pimcore@6.8.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 19 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 20 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 21 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 22 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 23 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 24 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 25 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 26 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 27 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 28 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 29 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 30 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 31 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 32 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 33 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 34 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 35 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 36 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 37 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 38 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 39 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 40 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 41 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 42 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 43 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 44 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 45 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 46 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 47 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 48 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 49 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 50 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 51 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 52 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 53 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 54 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 55 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 56 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 57 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 58 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 59 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 60 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 61 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 62 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 63 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 64 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 65 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 66 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 67 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 68 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 69 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 70 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 71 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 72 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 73 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 74 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 75 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 76 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 77 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 78 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 79 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 80 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 81 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 82 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 83 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 84 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 85 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 86 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 87 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 88 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 89 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 90 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 91 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 92 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 93 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 94 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 95 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 96 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 97 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 98 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 99 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 100 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 101 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 102 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@6.8.8 |
|
|
| aliases |
CVE-2021-23340, GHSA-h7f9-cvh5-qw7f
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9k8b-a52b-47fx |
|
| 20 |
| url |
VCID-a66j-sth4-d3dc |
| vulnerability_id |
VCID-a66j-sth4-d3dc |
| summary |
CKEditor 4 vulnerabilities in versions <4.16.1
Details see:
https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-m94c-37g6-cjhc ( CVE-2021-37695 )
https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-6226-h7ff-ch6c ( CVE-2021-32808 )
https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7889-rm5j-hpgg ( CVE-2021-32809 )
Patch:
https://github.com/pimcore/pimcore/pull/10032 |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.1.1 |
| purl |
pkg:composer/pimcore/pimcore@10.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 19 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 20 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 21 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 22 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 23 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 24 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 25 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 26 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 27 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 28 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 29 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 30 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 31 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 32 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 33 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 34 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 35 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 36 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 37 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 38 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 39 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 40 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 41 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 42 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 43 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 44 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 45 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 46 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 47 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 48 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 49 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 50 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 51 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 52 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 53 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 54 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 55 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 56 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 57 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 58 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 59 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 60 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 61 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 62 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 63 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 64 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 65 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 66 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 67 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 68 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 69 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 70 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 71 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 72 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 73 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 74 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 75 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 76 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 77 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 78 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 79 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 80 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 81 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 82 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 83 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 84 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 85 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 86 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 87 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 88 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 89 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 90 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 91 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 92 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 93 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 94 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 95 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 96 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 97 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 98 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 99 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.1.1 |
|
|
| aliases |
GHSA-cfcv-q4qq-2ph4, GMS-2021-117
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a66j-sth4-d3dc |
|
| 21 |
| url |
VCID-a9rr-m13m-yuc6 |
| vulnerability_id |
VCID-a9rr-m13m-yuc6 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.1 |
| purl |
pkg:composer/pimcore/pimcore@10.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 11 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 12 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 13 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 14 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 15 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 16 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 17 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 18 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 19 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 20 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 21 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 22 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 23 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 24 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 25 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 26 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 27 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 28 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 29 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 30 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 31 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 32 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 33 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 34 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 35 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 36 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 37 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 38 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 39 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 40 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 41 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 42 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 43 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 44 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 45 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 46 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 47 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 48 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 49 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 50 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 51 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 52 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 53 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 54 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 55 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 56 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 57 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 58 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 59 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 60 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 61 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 62 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 63 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 64 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 65 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 66 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 67 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 68 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 69 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 70 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 71 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 72 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 73 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 74 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.1 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.4.0 |
| purl |
pkg:composer/pimcore/pimcore@10.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 31 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 32 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 33 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 34 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 35 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 36 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 37 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 38 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 39 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 40 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 41 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 42 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 43 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 44 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 45 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 46 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 47 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 48 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 49 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 50 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 51 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 52 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 53 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 54 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 55 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 56 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 57 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 58 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 59 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 60 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 61 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 62 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 63 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 64 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 65 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 66 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.4.0 |
|
|
| aliases |
CVE-2022-0893, GHSA-g795-4hxx-qqwm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a9rr-m13m-yuc6 |
|
| 22 |
|
| 23 |
| url |
VCID-b5sk-cu89-hubw |
| vulnerability_id |
VCID-b5sk-cu89-hubw |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pimcore/pimcore. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.17 |
| purl |
pkg:composer/pimcore/pimcore@10.5.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 5 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 6 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 7 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 8 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 9 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 10 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 11 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 12 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 13 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 14 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 15 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 16 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 17 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 18 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 19 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 20 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 21 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 22 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 23 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 24 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 25 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 26 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 27 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 28 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 29 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 30 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 31 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 32 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 33 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 34 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 35 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 36 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 37 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 38 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 39 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 40 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 41 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 42 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 43 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 44 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 45 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 46 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 47 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 48 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 49 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 50 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 51 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 52 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 53 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 54 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 55 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 56 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 57 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 58 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.17 |
|
| 1 |
|
|
| aliases |
GHSA-76r7-h46w-463r, GMS-2023-363
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b5sk-cu89-hubw |
|
| 24 |
| url |
VCID-b8x1-6xn4-c7gm |
| vulnerability_id |
VCID-b8x1-6xn4-c7gm |
| summary |
Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.7 |
| purl |
pkg:composer/pimcore/pimcore@10.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 11 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 12 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 13 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 14 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 15 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 16 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 17 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 18 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 19 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 20 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 21 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 22 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 23 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 24 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 25 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 26 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 27 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 28 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 29 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 30 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 31 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 32 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 33 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 34 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 35 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 36 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 37 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 38 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 39 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 40 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 41 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 42 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 43 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 44 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 45 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 46 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 47 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 48 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 49 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 50 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 51 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 52 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 53 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 54 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 55 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 56 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 57 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 58 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 59 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 60 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 61 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 62 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 63 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 64 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 65 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 66 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 67 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 68 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 69 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 70 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 71 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 72 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 73 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 74 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 75 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 76 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 77 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 78 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 79 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 80 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 81 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 82 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 83 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 84 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 85 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 86 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.7 |
|
|
| aliases |
CVE-2022-0263, GHSA-c697-r227-pq6h
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b8x1-6xn4-c7gm |
|
| 25 |
| url |
VCID-begq-psyd-fyh3 |
| vulnerability_id |
VCID-begq-psyd-fyh3 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2630, GHSA-w766-3572-f2hv
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-begq-psyd-fyh3 |
|
| 26 |
| url |
VCID-bqh2-mx6q-pygq |
| vulnerability_id |
VCID-bqh2-mx6q-pygq |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2323, GHSA-cjv6-w5hf-5wr6
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bqh2-mx6q-pygq |
|
| 27 |
| url |
VCID-c2ht-41t3-eqaq |
| vulnerability_id |
VCID-c2ht-41t3-eqaq |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.20 |
| purl |
pkg:composer/pimcore/pimcore@10.5.20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 4 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 5 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 6 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 7 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 8 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 9 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 10 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 11 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 12 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 13 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 14 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 15 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 16 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 17 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 18 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 19 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 20 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 21 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 22 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 23 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 24 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 25 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 26 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 27 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 28 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 29 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 30 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 31 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 32 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 33 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 34 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 35 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 36 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20 |
|
| 1 |
|
|
| aliases |
CVE-2023-1704, GHSA-hfmg-g39c-5444, GHSA-rp78-4562-gx3c
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c2ht-41t3-eqaq |
|
| 28 |
| url |
VCID-c8ex-6vwd-zkd4 |
| vulnerability_id |
VCID-c8ex-6vwd-zkd4 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.1 |
| purl |
pkg:composer/pimcore/pimcore@10.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 11 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 12 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 13 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 14 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 15 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 16 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 17 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 18 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 19 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 20 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 21 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 22 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 23 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 24 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 25 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 26 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 27 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 28 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 29 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 30 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 31 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 32 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 33 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 34 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 35 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 36 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 37 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 38 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 39 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 40 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 41 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 42 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 43 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 44 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 45 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 46 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 47 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 48 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 49 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 50 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 51 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 52 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 53 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 54 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 55 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 56 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 57 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 58 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 59 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 60 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 61 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 62 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 63 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 64 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 65 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 66 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 67 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 68 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 69 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 70 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 71 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 72 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 73 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 74 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.1 |
|
|
| aliases |
CVE-2022-0510, GHSA-mxh3-2699-98g9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c8ex-6vwd-zkd4 |
|
| 29 |
| url |
VCID-ccyy-h9dp-cya2 |
| vulnerability_id |
VCID-ccyy-h9dp-cya2 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2342, GHSA-2c67-p4xh-m34w
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ccyy-h9dp-cya2 |
|
| 30 |
| url |
VCID-cndq-yx1e-jkg7 |
| vulnerability_id |
VCID-cndq-yx1e-jkg7 |
| summary |
Relative Path Traversal in pimcore/pimcore. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.18 |
| purl |
pkg:composer/pimcore/pimcore@10.5.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 5 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 6 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 7 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 8 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 9 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 10 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 11 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 12 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 13 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 14 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 15 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 16 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 17 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 18 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 19 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 20 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 21 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 22 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 23 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 24 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 25 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 26 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 27 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 28 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 29 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 30 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 31 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 32 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 33 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 34 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 35 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 36 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 37 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 38 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 39 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 40 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 41 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 42 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 43 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 44 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 45 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 46 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 47 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 48 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 49 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 50 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 51 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 52 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 53 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.18 |
|
|
| aliases |
CVE-2023-30855, GHSA-g2mc-fqqc-hxg3
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cndq-yx1e-jkg7 |
|
| 31 |
| url |
VCID-cr5h-bz5b-jufg |
| vulnerability_id |
VCID-cr5h-bz5b-jufg |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2343, GHSA-9q7q-r54q-3f3g
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cr5h-bz5b-jufg |
|
| 32 |
| url |
VCID-cyfe-vput-1fbk |
| vulnerability_id |
VCID-cyfe-vput-1fbk |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2341, GHSA-fq95-rx4q-qgg2
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cyfe-vput-1fbk |
|
| 33 |
| url |
VCID-d3ns-rfuc-dkdp |
| vulnerability_id |
VCID-d3ns-rfuc-dkdp |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.19. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
| 1 |
|
|
| aliases |
CVE-2023-1312, GHSA-gh4g-65f6-84g5
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d3ns-rfuc-dkdp |
|
| 34 |
| url |
VCID-d6cw-a4th-eueu |
| vulnerability_id |
VCID-d6cw-a4th-eueu |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, A SQL injection vulnerability exists in the translation export API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-30849, GHSA-xmg8-w465-mr56
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d6cw-a4th-eueu |
|
| 35 |
| url |
VCID-dakz-7vpr-ykbe |
| vulnerability_id |
VCID-dakz-7vpr-ykbe |
| summary |
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.8 |
| purl |
pkg:composer/pimcore/pimcore@10.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 12 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 13 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 14 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 15 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 16 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 17 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 18 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 19 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 20 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 21 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 22 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 23 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 24 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 25 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 26 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.8 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.2.9 |
| purl |
pkg:composer/pimcore/pimcore@10.2.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 12 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 13 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 14 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 15 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 16 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 17 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 18 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 19 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 20 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 21 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 22 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 23 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 24 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 25 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 26 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.9 |
|
|
| aliases |
CVE-2022-0257, GHSA-v567-q267-phpg
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dakz-7vpr-ykbe |
|
| 36 |
| url |
VCID-daqy-9srj-kkbc |
| vulnerability_id |
VCID-daqy-9srj-kkbc |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL injection in `GridHelperService.php` in GitHub repository pimcore/pimcore prior to 10.3.6. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.6 |
| purl |
pkg:composer/pimcore/pimcore@10.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 31 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 32 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 33 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 34 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 35 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 36 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 37 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 38 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 39 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 40 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 41 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 42 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 43 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 44 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 45 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 46 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 47 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 48 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 49 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 50 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 51 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 52 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 53 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 54 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 55 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 56 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 57 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 58 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 59 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 60 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 61 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 62 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 63 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 64 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 65 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 66 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.6 |
|
|
| aliases |
CVE-2022-1429, GHSA-2v7p-f4qm-r5pc
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-daqy-9srj-kkbc |
|
| 37 |
| url |
VCID-de2k-yy77-6yhn |
| vulnerability_id |
VCID-de2k-yy77-6yhn |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A stored Cross-site Scripting (XSS) vulnrability was found in pimcore. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.0 |
| purl |
pkg:composer/pimcore/pimcore@10.2.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 19 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 20 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 21 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 22 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 23 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 24 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 25 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 26 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 27 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 28 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 29 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 30 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 31 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 32 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 33 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 34 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 35 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 36 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 37 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 38 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 39 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 40 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 41 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 42 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 43 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 44 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 45 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 46 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 47 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 48 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 49 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 50 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 51 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 52 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 53 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 54 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 55 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 56 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 57 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 58 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 59 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 60 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 61 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 62 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 63 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 64 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 65 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 66 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 67 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 68 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 69 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 70 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 71 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 72 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 73 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 74 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 75 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 76 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 77 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 78 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 79 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 80 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 81 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 82 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 83 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 84 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 85 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 86 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 87 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 88 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 89 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 90 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 91 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 92 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 93 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 94 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.0 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.2.10 |
| purl |
pkg:composer/pimcore/pimcore@10.2.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 12 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 13 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 14 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 15 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 16 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 17 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 18 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 19 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 20 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 21 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 22 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 23 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 24 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 25 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 26 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 27 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 28 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 29 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 30 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 31 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 32 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 33 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 34 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 35 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 36 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 37 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 38 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 39 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 40 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 41 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 42 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 43 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 44 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 45 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 46 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 47 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 48 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 49 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 50 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 51 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 52 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 53 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 54 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 55 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 56 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 57 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 58 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 59 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 60 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 61 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 62 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 63 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 64 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 65 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 66 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 67 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 68 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 69 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 70 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 71 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 72 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 73 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 74 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 75 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 76 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 77 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 78 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 79 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 80 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 81 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 82 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.10 |
|
|
| aliases |
CVE-2022-0348, GHSA-8x44-pwr2-rgc6
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-de2k-yy77-6yhn |
|
| 38 |
| url |
VCID-dmkv-tpma-qbfn |
| vulnerability_id |
VCID-dmkv-tpma-qbfn |
| summary |
Pimcore vulnerable to stored stored Cross-site Scripting via`properties` when creating new users
Pimcore prior to 10.5.6 is vulnerable to stored cross-site scripting. This occurs when an attacker injects a payload when adding properties for a new user. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.6 |
| purl |
pkg:composer/pimcore/pimcore@10.5.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 21 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 22 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 23 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 24 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 25 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 26 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 27 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 28 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 29 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 30 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 31 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 32 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 33 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 34 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 35 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 36 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 37 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 38 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 39 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 40 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 41 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 42 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 43 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 44 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 45 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 46 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 47 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 48 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 49 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 50 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 51 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 52 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 53 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 54 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 55 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 56 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 57 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 58 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 59 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 60 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 61 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 62 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 63 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.6 |
|
|
| aliases |
CVE-2022-3211, GHSA-4849-x3jx-45qr
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dmkv-tpma-qbfn |
|
| 39 |
| url |
VCID-dmrj-fj5a-vqbh |
| vulnerability_id |
VCID-dmrj-fj5a-vqbh |
| summary |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. A path traversal vulnerability exists in the `AssetController::importServerFilesAction`, which allows an attacker to overwrite or modify sensitive files by manipulating the pimcore_log parameter.This can lead to potential denial of service---key file overwrite.
The impact of this vulnerability allows attackers to: overwrite or modify sensitive files, potentially leading to unauthorized access, privilege escalation, or disclosure of confidential information. This could also cause a denial of service (DoS) if critical system files are overwritten or deleted. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2023-38708, GHSA-34hj-v8fm-x887
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dmrj-fj5a-vqbh |
|
| 40 |
| url |
VCID-dt28-cwh4-gyga |
| vulnerability_id |
VCID-dt28-cwh4-gyga |
| summary |
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.8 |
| purl |
pkg:composer/pimcore/pimcore@10.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 12 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 13 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 14 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 15 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 16 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 17 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 18 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 19 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 20 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 21 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 22 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 23 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 24 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 25 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 26 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.8 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.2.9 |
| purl |
pkg:composer/pimcore/pimcore@10.2.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 12 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 13 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 14 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 15 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 16 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 17 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 18 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 19 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 20 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 21 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 22 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 23 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 24 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 25 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 26 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.9 |
|
|
| aliases |
CVE-2022-0256, GHSA-57hg-26h7-9qgv
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dt28-cwh4-gyga |
|
| 41 |
| url |
VCID-e35r-qy72-4uaj |
| vulnerability_id |
VCID-e35r-qy72-4uaj |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2339, GHSA-6fvf-x8c6-2f6j
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e35r-qy72-4uaj |
|
| 42 |
| url |
VCID-e9sz-xvw9-4fbb |
| vulnerability_id |
VCID-e9sz-xvw9-4fbb |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2338, GHSA-4x35-vr82-xvj6
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e9sz-xvw9-4fbb |
|
| 43 |
| url |
VCID-ejnh-57m7-ffab |
| vulnerability_id |
VCID-ejnh-57m7-ffab |
| summary |
pimcore/pimcore is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via `id`, `storeId`, `pageSize` and `tables` parameters, using a payload for trigger a time based or error based sql injection. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@6.3.0 |
| purl |
pkg:composer/pimcore/pimcore@6.3.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-9k8b-a52b-47fx |
|
| 19 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 20 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 21 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 22 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 23 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 24 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 25 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 26 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 27 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 28 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 29 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 30 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 31 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 32 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 33 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 34 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 35 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 36 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 37 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 38 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 39 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 40 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 41 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 42 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 43 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 44 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 45 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 46 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 47 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 48 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 49 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 50 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 51 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 52 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 53 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 54 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 55 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 56 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 57 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 58 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 59 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 60 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 61 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 62 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 63 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 64 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 65 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 66 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 67 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 68 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 69 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 70 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 71 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 72 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 73 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 74 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 75 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 76 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 77 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 78 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 79 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 80 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 81 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 82 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 83 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 84 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 85 |
| vulnerability |
VCID-umwk-nrvg-6bg5 |
|
| 86 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 87 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 88 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 89 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 90 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 91 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 92 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 93 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 94 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 95 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 96 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 97 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 98 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 99 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 100 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 101 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 102 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 103 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 104 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@6.3.0 |
|
|
| aliases |
CVE-2019-10763, GHSA-fpff-384j-vxq7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ejnh-57m7-ffab |
|
| 44 |
| url |
VCID-erpf-xa8n-afcf |
| vulnerability_id |
VCID-erpf-xa8n-afcf |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.1 |
| purl |
pkg:composer/pimcore/pimcore@10.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 11 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 12 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 13 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 14 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 15 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 16 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 17 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 18 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 19 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 20 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 21 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 22 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 23 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 24 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 25 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 26 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 27 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 28 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 29 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 30 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 31 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 32 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 33 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 34 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 35 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 36 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 37 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 38 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 39 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 40 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 41 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 42 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 43 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 44 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 45 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 46 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 47 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 48 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 49 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 50 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 51 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 52 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 53 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 54 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 55 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 56 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 57 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 58 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 59 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 60 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 61 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 62 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 63 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 64 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 65 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 66 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 67 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 68 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 69 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 70 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 71 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 72 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 73 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 74 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.1 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.4.0 |
| purl |
pkg:composer/pimcore/pimcore@10.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 31 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 32 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 33 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 34 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 35 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 36 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 37 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 38 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 39 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 40 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 41 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 42 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 43 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 44 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 45 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 46 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 47 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 48 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 49 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 50 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 51 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 52 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 53 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 54 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 55 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 56 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 57 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 58 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 59 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 60 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 61 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 62 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 63 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 64 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 65 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 66 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.4.0 |
|
|
| aliases |
CVE-2022-0894, GHSA-22hc-47cc-7x6f
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-erpf-xa8n-afcf |
|
| 45 |
| url |
VCID-f1st-tu3e-5qem |
| vulnerability_id |
VCID-f1st-tu3e-5qem |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.5 |
| purl |
pkg:composer/pimcore/pimcore@10.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 21 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 22 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 23 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 24 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 25 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 26 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 27 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 28 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 29 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 30 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 31 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 32 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 33 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 34 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 35 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 36 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 37 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 38 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 39 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 40 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 41 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 42 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 43 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 44 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 45 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 46 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 47 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 48 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 49 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 50 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 51 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 52 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 53 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 54 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 55 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 56 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 57 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 58 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 59 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 60 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 61 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 62 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 63 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 64 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 65 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 66 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 67 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 68 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.5 |
|
|
| aliases |
CVE-2022-1339, GHSA-mj2c-5mjv-gmmj
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f1st-tu3e-5qem |
|
| 46 |
| url |
VCID-fjvx-uvar-6fcq |
| vulnerability_id |
VCID-fjvx-uvar-6fcq |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.18 |
| purl |
pkg:composer/pimcore/pimcore@10.5.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 5 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 6 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 7 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 8 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 9 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 10 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 11 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 12 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 13 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 14 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 15 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 16 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 17 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 18 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 19 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 20 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 21 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 22 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 23 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 24 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 25 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 26 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 27 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 28 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 29 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 30 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 31 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 32 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 33 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 34 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 35 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 36 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 37 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 38 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 39 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 40 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 41 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 42 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 43 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 44 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 45 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 46 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 47 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 48 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 49 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 50 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 51 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 52 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 53 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.18 |
|
| 1 |
|
|
| aliases |
CVE-2023-1115, GHSA-97cp-8873-v2gf
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fjvx-uvar-6fcq |
|
| 47 |
| url |
VCID-fk9y-7e4h-3uey |
| vulnerability_id |
VCID-fk9y-7e4h-3uey |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2340, GHSA-g93x-fm2w-5pxw
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fk9y-7e4h-3uey |
|
| 48 |
| url |
VCID-fkd6-pyag-kyc6 |
| vulnerability_id |
VCID-fkd6-pyag-kyc6 |
| summary |
RCE vulnerability in Pimcore/Mail & Dynamic Text Layout
### Impact
The user controlled twig templates rendering in `Pimcore/Mail` & `ClassDefinition\Layout\Text` is vulnerable to server-side template Injection RCE.
### Patches
Update to version 10.5.9 or apply this patch manually https://github.com/pimcore/pimcore/pull/13347.patch
### Workarounds
Apply https://github.com/pimcore/pimcore/pull/13347.patch manually.
### References
Credits: @nth347 from Viettel Cyber Security |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.9 |
| purl |
pkg:composer/pimcore/pimcore@10.5.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 21 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 22 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 23 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 24 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 25 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 26 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 27 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 28 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 29 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 30 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 31 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 32 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 33 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 34 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 35 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 36 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 37 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 38 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 39 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 40 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 41 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 42 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 43 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 44 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 45 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 46 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 47 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 48 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 49 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 50 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 51 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 52 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 53 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 54 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 55 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 56 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 57 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 58 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 59 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 60 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 61 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.9 |
|
|
| aliases |
CVE-2022-39365, GHSA-5qxq-vgmm-q39m
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fkd6-pyag-kyc6 |
|
| 49 |
| url |
VCID-fzt2-896e-wudc |
| vulnerability_id |
VCID-fzt2-896e-wudc |
| summary |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the `/admin/misc/script-proxy` API endpoint that is accessible by an authenticated administrator user is vulnerable to arbitrary JavaScript and CSS file read via the `scriptPath` and `scripts` parameters. The `scriptPath` parameter is not sanitized properly and is vulnerable to path traversal attack. Any JavaScript/CSS file from the application server can be read by specifying sufficient number of `../` patterns to go out from the application webroot followed by path of the folder where the file is located in the "scriptPath" parameter and the file name in the "scripts" parameter. The JavaScript file is successfully read only if the web application has read access to it. Users should update to version 10.5.21 to receive a patch or, as a workaround, apply the patch manual. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-30852, GHSA-j5c3-r84f-9596
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fzt2-896e-wudc |
|
| 50 |
| url |
VCID-g2xz-1vbj-qufd |
| vulnerability_id |
VCID-g2xz-1vbj-qufd |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.3 |
| purl |
pkg:composer/pimcore/pimcore@10.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 8 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 9 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 10 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 11 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 12 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 13 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 14 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 15 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 16 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 17 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 18 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 19 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 20 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 21 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 22 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 23 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 24 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 25 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 26 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 27 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 28 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 29 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 30 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 31 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 32 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 33 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 34 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 35 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 36 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 37 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 38 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 39 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 40 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 41 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 42 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 43 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 44 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 45 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 46 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 47 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 48 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 49 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 50 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 51 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 52 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 53 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 54 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 55 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 56 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 57 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 58 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 59 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 60 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 61 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 62 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 63 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 64 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 65 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 66 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 67 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 68 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 69 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 70 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 71 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 72 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 73 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.3 |
|
|
| aliases |
CVE-2023-2730, GHSA-q3p4-v2cm-q945
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g2xz-1vbj-qufd |
|
| 51 |
| url |
VCID-g8h5-e165-1bay |
| vulnerability_id |
VCID-g8h5-e165-1bay |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2616, GHSA-mhpj-7m7h-8p6x
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g8h5-e165-1bay |
|
| 52 |
| url |
VCID-g8ha-yccg-p3f8 |
| vulnerability_id |
VCID-g8ha-yccg-p3f8 |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-30848, GHSA-6mhm-gcpf-5gr8
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g8ha-yccg-p3f8 |
|
| 53 |
| url |
VCID-gt5w-6b92-1qfz |
| vulnerability_id |
VCID-gt5w-6b92-1qfz |
| summary |
Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore
### Impact
Pimcore offers developers listing classes to make querying data easier. This listing classes also allow to order or group the results based on one or more columns which should be quoted by default.
The actual issue is that quoting is not done properly in both cases, so there's the theoretical possibility to inject custom SQL if the developer is using this methods with input data and not doing proper input validation in advance and so relies on the auto-quoting being done by the listing classes.
##### Example:
```php
// request url: https://example.com/foo?groupBy=o_id`; SELECT SLEEP(20);--
$list = new DataObject\Car\Listing();
$list->setOrderKey($request->get('orderBy'));
$list->setGroupBy($request->get('groupBy'));
$list->load();
```
### Patches
Upgrade to >= 10.4.4 or apply the following patch manually:
https://github.com/pimcore/pimcore/commit/21559c6bf0e4e828d33ff7af6e88caecb5ac6549.patch
### Workarounds
Apply this patch manually:
https://github.com/pimcore/pimcore/commit/21559c6bf0e4e828d33ff7af6e88caecb5ac6549.patch
### References
https://github.com/pimcore/pimcore/pull/12444 |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://github.com/pimcore/pimcore/pull/12444 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:02Z/ |
|
|
| url |
https://github.com/pimcore/pimcore/pull/12444 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.4.4 |
| purl |
pkg:composer/pimcore/pimcore@10.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 31 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 32 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 33 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 34 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 35 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 36 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 37 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 38 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 39 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 40 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 41 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 42 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 43 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 44 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 45 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 46 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 47 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 48 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 49 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 50 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 51 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 52 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 53 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 54 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 55 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 56 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 57 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 58 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 59 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 60 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 61 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 62 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 63 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 64 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 65 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.4.4 |
|
|
| aliases |
CVE-2022-31092, GHSA-gvmf-wcx6-p974, GMS-2022-2534
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gt5w-6b92-1qfz |
|
| 54 |
| url |
VCID-hmpr-1fgb-jqea |
| vulnerability_id |
VCID-hmpr-1fgb-jqea |
| summary |
Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause
The filter query parameter in the dependency listing endpoints is JSON-decoded and the value field is concatenated directly into RLIKE clauses without sanitization or parameterized queries.
Affected code in models/Dependency/Dao.php:
- getFilterRequiresByPath() lines 90, 95, 100
- getFilterRequiredByPath() lines 148, 153, 158
All 6 locations use direct string concatenation like:
"AND LOWER(CONCAT(o.path, o.key)) RLIKE '".$value."'"
Note that $orderBy and $orderDirection in the same methods (lines 75-81) ARE properly `whitelist`-validated, but $value has zero sanitization.
Entry points (pimcore/admin-ui-classic-bundle ElementController.php):
- GET /admin/element/get-requires-dependencies (line 654)
- GET /admin/element/get-required-by-dependencies (line 714)
The controller JSON-decodes the filter query param and passes $filter['value'] straight to the Dao without any escaping.
PoC (time-based blind): |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2026-27461, GHSA-vxg3-v4p6-f3fp
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hmpr-1fgb-jqea |
|
| 55 |
| url |
VCID-hz2p-k88z-nbdb |
| vulnerability_id |
VCID-hz2p-k88z-nbdb |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.3 |
| purl |
pkg:composer/pimcore/pimcore@10.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 8 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 9 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 10 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 11 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 12 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 13 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 14 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 15 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 16 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 17 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 18 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 19 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 20 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 21 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 22 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 23 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 24 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 25 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 26 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 27 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 28 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 29 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 30 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 31 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 32 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 33 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 34 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 35 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 36 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 37 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 38 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 39 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 40 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 41 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 42 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 43 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 44 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 45 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 46 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 47 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 48 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 49 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 50 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 51 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 52 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 53 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 54 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 55 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 56 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 57 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 58 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 59 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 60 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 61 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 62 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 63 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 64 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 65 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 66 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 67 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 68 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 69 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 70 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 71 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 72 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 73 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.3 |
|
|
| aliases |
CVE-2022-0832, GHSA-6qcc-whgp-pjj2
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hz2p-k88z-nbdb |
|
| 56 |
| url |
VCID-j8d3-zaj3-xuax |
| vulnerability_id |
VCID-j8d3-zaj3-xuax |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2327, GHSA-x9xj-pqmv-8jf7
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j8d3-zaj3-xuax |
|
| 57 |
| url |
VCID-jmdu-dpju-abee |
| vulnerability_id |
VCID-jmdu-dpju-abee |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2361, GHSA-9xg6-75mh-7x3f
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jmdu-dpju-abee |
|
| 58 |
| url |
VCID-jv87-2e53-13as |
| vulnerability_id |
VCID-jv87-2e53-13as |
| summary |
Pimcore Cross-site Scripting (XSS)
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.4. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.4 |
| purl |
pkg:composer/pimcore/pimcore@10.5.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 31 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 32 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 33 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 34 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 35 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 36 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 37 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 38 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 39 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 40 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 41 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 42 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 43 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 44 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 45 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 46 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 47 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 48 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 49 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 50 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 51 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 52 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 53 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 54 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 55 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 56 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 57 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 58 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 59 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 60 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 61 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 62 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 63 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 64 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.4 |
|
|
| aliases |
CVE-2022-2796, GHSA-pr4f-4pcx-2r3h
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jv87-2e53-13as |
|
| 59 |
| url |
VCID-kb9x-es6p-73eh |
| vulnerability_id |
VCID-kb9x-es6p-73eh |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.19. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
CVE-2023-1515, GHSA-66cm-c7ch-5j8q
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kb9x-es6p-73eh |
|
| 60 |
| url |
VCID-ksg7-98kn-9uc8 |
| vulnerability_id |
VCID-ksg7-98kn-9uc8 |
| summary |
Deserialization of Untrusted Data
An attacker with classes permission can send a POST request to `/admin/class/bulk-commit`, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to `bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php`. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@5.7.1 |
| purl |
pkg:composer/pimcore/pimcore@5.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-9k8b-a52b-47fx |
|
| 19 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 20 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 21 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 22 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 23 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 24 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 25 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 26 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 27 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 28 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 29 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 30 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 31 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 32 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 33 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 34 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 35 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 36 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 37 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 38 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 39 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 40 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 41 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 42 |
| vulnerability |
VCID-ejnh-57m7-ffab |
|
| 43 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 44 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 45 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 46 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 47 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 48 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 49 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 50 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 51 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 52 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 53 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 54 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 55 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 56 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 57 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 58 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 59 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 60 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 61 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 62 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 63 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 64 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 65 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 66 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 67 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 68 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 69 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 70 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 71 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 72 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 73 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 74 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 75 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 76 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 77 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 78 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 79 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 80 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 81 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 82 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 83 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 84 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 85 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 86 |
| vulnerability |
VCID-umwk-nrvg-6bg5 |
|
| 87 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 88 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 89 |
| vulnerability |
VCID-utnk-dp6a-w3gf |
|
| 90 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 91 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 92 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 93 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 94 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 95 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 96 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 97 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 98 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 99 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 100 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 101 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 102 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 103 |
| vulnerability |
VCID-yq5e-ruk6-9ud2 |
|
| 104 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 105 |
| vulnerability |
VCID-yxfb-p2aw-t3ga |
|
| 106 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 107 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 108 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@5.7.1 |
|
|
| aliases |
CVE-2019-10867, GHSA-7hqr-j26m-gmwp
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ksg7-98kn-9uc8 |
|
| 61 |
| url |
VCID-kw4t-2xte-b3du |
| vulnerability_id |
VCID-kw4t-2xte-b3du |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.19. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
| 1 |
|
|
| aliases |
CVE-2023-1286, GHSA-8jv7-vwrc-mv4g
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kw4t-2xte-b3du |
|
| 62 |
| url |
VCID-m5ct-vypc-kbgv |
| vulnerability_id |
VCID-m5ct-vypc-kbgv |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 11.1.0. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2023-5873, GHSA-j59v-hh4p-q92m
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ct-vypc-kbgv |
|
| 63 |
| url |
VCID-muk7-qswq-j3cy |
| vulnerability_id |
VCID-muk7-qswq-j3cy |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.18 |
| purl |
pkg:composer/pimcore/pimcore@10.5.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 5 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 6 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 7 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 8 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 9 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 10 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 11 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 12 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 13 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 14 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 15 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 16 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 17 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 18 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 19 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 20 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 21 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 22 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 23 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 24 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 25 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 26 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 27 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 28 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 29 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 30 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 31 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 32 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 33 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 34 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 35 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 36 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 37 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 38 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 39 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 40 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 41 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 42 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 43 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 44 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 45 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 46 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 47 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 48 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 49 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 50 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 51 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 52 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 53 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.18 |
|
| 1 |
|
|
| aliases |
CVE-2023-1117, GHSA-qxcw-rf4v-hp26
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-muk7-qswq-j3cy |
|
| 64 |
| url |
VCID-mvg7-d7ef-37fj |
| vulnerability_id |
VCID-mvg7-d7ef-37fj |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.3 |
| purl |
pkg:composer/pimcore/pimcore@10.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 8 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 9 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 10 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 11 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 12 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 13 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 14 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 15 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 16 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 17 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 18 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 19 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 20 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 21 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 22 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 23 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 24 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 25 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 26 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 27 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 28 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 29 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 30 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 31 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 32 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 33 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 34 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 35 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 36 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 37 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 38 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 39 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 40 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 41 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 42 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 43 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 44 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 45 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 46 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 47 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 48 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 49 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 50 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 51 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 52 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 53 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 54 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 55 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 56 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 57 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 58 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 59 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 60 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 61 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 62 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 63 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 64 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 65 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 66 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 67 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 68 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 69 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 70 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 71 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 72 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 73 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.3 |
|
|
| aliases |
CVE-2022-0831, GHSA-q67f-3jq4-mww2
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mvg7-d7ef-37fj |
|
| 65 |
| url |
VCID-n6ne-ucpz-u3bb |
| vulnerability_id |
VCID-n6ne-ucpz-u3bb |
| summary |
Reflected XSS in Application Logger module
### Impact
This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites.
### Patches
Update to version 10.5.19 or apply this patch manually https://github.com/pimcore/pimcore/pull/14606.patch
### Workarounds
Apply https://github.com/pimcore/pimcore/pull/14606.patch manually.
### References
https://huntr.dev/bounties/2a64a32d-b1cc-4def-91da-18040d59f356/ |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
GHSA-2xpm-cmvw-3jcc, GMS-2023-779
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n6ne-ucpz-u3bb |
|
| 66 |
| url |
VCID-n6nv-8sfz-mbce |
| vulnerability_id |
VCID-n6nv-8sfz-mbce |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.1 |
| purl |
pkg:composer/pimcore/pimcore@10.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 11 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 12 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 13 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 14 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 15 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 16 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 17 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 18 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 19 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 20 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 21 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 22 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 23 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 24 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 25 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 26 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 27 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 28 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 29 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 30 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 31 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 32 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 33 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 34 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 35 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 36 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 37 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 38 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 39 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 40 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 41 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 42 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 43 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 44 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 45 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 46 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 47 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 48 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 49 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 50 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 51 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 52 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 53 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 54 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 55 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 56 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 57 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 58 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 59 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 60 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 61 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 62 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 63 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 64 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 65 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 66 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 67 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 68 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 69 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 70 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 71 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 72 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 73 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 74 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.1 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.4.0 |
| purl |
pkg:composer/pimcore/pimcore@10.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 31 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 32 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 33 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 34 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 35 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 36 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 37 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 38 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 39 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 40 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 41 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 42 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 43 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 44 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 45 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 46 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 47 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 48 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 49 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 50 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 51 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 52 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 53 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 54 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 55 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 56 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 57 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 58 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 59 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 60 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 61 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 62 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 63 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 64 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 65 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 66 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.4.0 |
|
|
| aliases |
CVE-2022-0704, GHSA-pc32-x737-74cv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n6nv-8sfz-mbce |
|
| 67 |
| url |
VCID-nkvu-1mye-dfbm |
| vulnerability_id |
VCID-nkvu-1mye-dfbm |
| summary |
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.6 |
| purl |
pkg:composer/pimcore/pimcore@10.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 18 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 19 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 20 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 21 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 22 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 23 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 24 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 25 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 26 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 27 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 28 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 29 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 30 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 31 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 32 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 33 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 34 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 35 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 36 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 37 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 38 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 39 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 40 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 41 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 42 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 43 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 44 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 45 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 46 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 47 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 48 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 49 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 50 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 51 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 52 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 53 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 54 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 55 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 56 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 57 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 58 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 59 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 60 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 61 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 62 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 63 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 64 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 65 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 66 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 67 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 68 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 69 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 70 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 71 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 72 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 73 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 74 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 75 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 76 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 77 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 78 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 79 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 80 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 81 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 82 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 83 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 84 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 85 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 86 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 87 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 88 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 89 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 90 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.6 |
|
|
| aliases |
CVE-2021-4081, GHSA-3p85-p4qg-hcrp
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nkvu-1mye-dfbm |
|
| 68 |
| url |
VCID-nnem-28fp-xugy |
| vulnerability_id |
VCID-nnem-28fp-xugy |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.4. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2023-3822, GHSA-vmpv-qjhq-r463
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nnem-28fp-xugy |
|
| 69 |
| url |
VCID-p33r-uxhp-q3eu |
| vulnerability_id |
VCID-p33r-uxhp-q3eu |
| summary |
Improper Neutralization of Formula Elements in a CSV File
Pimcore is an open source data & experience management platform., Data Object CSV import allows formular injection. The problem is patched Aside from upgrading, one may apply the patch manually as a workaround. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.1.1 |
| purl |
pkg:composer/pimcore/pimcore@10.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 19 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 20 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 21 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 22 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 23 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 24 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 25 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 26 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 27 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 28 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 29 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 30 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 31 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 32 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 33 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 34 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 35 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 36 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 37 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 38 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 39 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 40 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 41 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 42 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 43 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 44 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 45 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 46 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 47 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 48 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 49 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 50 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 51 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 52 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 53 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 54 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 55 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 56 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 57 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 58 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 59 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 60 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 61 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 62 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 63 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 64 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 65 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 66 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 67 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 68 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 69 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 70 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 71 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 72 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 73 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 74 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 75 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 76 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 77 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 78 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 79 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 80 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 81 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 82 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 83 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 84 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 85 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 86 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 87 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 88 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 89 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 90 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 91 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 92 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 93 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 94 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 95 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 96 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 97 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 98 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 99 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.1.1 |
|
|
| aliases |
CVE-2021-37702, GHSA-pp2h-95hm-hv9r
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p33r-uxhp-q3eu |
|
| 70 |
| url |
VCID-p3g5-vbhk-h3h7 |
| vulnerability_id |
VCID-p3g5-vbhk-h3h7 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2322, GHSA-476g-v7hf-cw5m
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p3g5-vbhk-h3h7 |
|
| 71 |
| url |
VCID-p3kp-be4v-nqca |
| vulnerability_id |
VCID-p3kp-be4v-nqca |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Stored XSS in Tooltip in GitHub repository pimcore/pimcore prior to 10.4. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.4.0 |
| purl |
pkg:composer/pimcore/pimcore@10.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 31 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 32 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 33 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 34 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 35 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 36 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 37 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 38 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 39 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 40 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 41 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 42 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 43 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 44 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 45 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 46 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 47 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 48 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 49 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 50 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 51 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 52 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 53 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 54 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 55 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 56 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 57 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 58 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 59 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 60 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 61 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 62 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 63 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 64 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 65 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 66 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.4.0 |
|
|
| aliases |
CVE-2022-1351, GHSA-xcr3-4qvr-54rh
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p3kp-be4v-nqca |
|
| 72 |
| url |
VCID-ppb6-perx-z7g3 |
| vulnerability_id |
VCID-ppb6-perx-z7g3 |
| summary |
Cross-site Scripting
Text-values were not properly escaped before printed in the version preview. This allowed XSS by authenticated users with access to the resources. This issue is patched in Pimcore |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.1.2 |
| purl |
pkg:composer/pimcore/pimcore@10.1.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 19 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 20 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 21 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 22 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 23 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 24 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 25 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 26 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 27 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 28 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 29 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 30 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 31 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 32 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 33 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 34 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 35 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 36 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 37 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 38 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 39 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 40 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 41 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 42 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 43 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 44 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 45 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 46 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 47 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 48 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 49 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 50 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 51 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 52 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 53 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 54 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 55 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 56 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 57 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 58 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 59 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 60 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 61 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 62 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 63 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 64 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 65 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 66 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 67 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 68 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 69 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 70 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 71 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 72 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 73 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 74 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 75 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 76 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 77 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 78 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 79 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 80 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 81 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 82 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 83 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 84 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 85 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 86 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 87 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 88 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 89 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 90 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 91 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 92 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 93 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 94 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 95 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 96 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 97 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.1.2 |
|
|
| aliases |
CVE-2021-39166, GHSA-w6j8-jc36-x5q9
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ppb6-perx-z7g3 |
|
| 73 |
| url |
VCID-ppum-bu2e-b3hr |
| vulnerability_id |
VCID-ppum-bu2e-b3hr |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.18 |
| purl |
pkg:composer/pimcore/pimcore@10.5.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 5 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 6 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 7 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 8 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 9 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 10 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 11 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 12 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 13 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 14 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 15 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 16 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 17 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 18 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 19 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 20 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 21 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 22 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 23 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 24 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 25 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 26 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 27 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 28 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 29 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 30 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 31 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 32 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 33 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 34 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 35 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 36 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 37 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 38 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 39 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 40 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 41 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 42 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 43 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 44 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 45 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 46 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 47 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 48 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 49 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 50 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 51 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 52 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 53 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.18 |
|
| 1 |
|
|
| aliases |
CVE-2023-1116, GHSA-96hp-38wx-j3wc
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ppum-bu2e-b3hr |
|
| 74 |
| url |
VCID-pygu-76pc-r7as |
| vulnerability_id |
VCID-pygu-76pc-r7as |
| summary |
A SQL Injection flaw was found in the package pimcore/pimcore. This issue exists due to the absence of check on the `storeId` parameter in the method `collectionsActionGet` and `groupsActionGet` method within the `ClassificationstoreController` class. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.0.7 |
| purl |
pkg:composer/pimcore/pimcore@10.0.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 19 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 20 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 21 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 22 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 23 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 24 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 25 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 26 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 27 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 28 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 29 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 30 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 31 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 32 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 33 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 34 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 35 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 36 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 37 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 38 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 39 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 40 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 41 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 42 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 43 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 44 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 45 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 46 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 47 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 48 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 49 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 50 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 51 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 52 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 53 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 54 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 55 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 56 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 57 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 58 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 59 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 60 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 61 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 62 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 63 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 64 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 65 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 66 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 67 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 68 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 69 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 70 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 71 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 72 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 73 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 74 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 75 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 76 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 77 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 78 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 79 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 80 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 81 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 82 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 83 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 84 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 85 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 86 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 87 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 88 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 89 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 90 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 91 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 92 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 93 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 94 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 95 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 96 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 97 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 98 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 99 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 100 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 101 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.0.7 |
|
|
| aliases |
CVE-2021-23405, GHSA-g8jx-66p8-vcm2
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pygu-76pc-r7as |
|
| 75 |
| url |
VCID-q4w5-13sd-xfdr |
| vulnerability_id |
VCID-q4w5-13sd-xfdr |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2614, GHSA-m6m9-gr85-79vm
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q4w5-13sd-xfdr |
|
| 76 |
| url |
VCID-qh25-w41n-eubf |
| vulnerability_id |
VCID-qh25-w41n-eubf |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A stored Cross-site Scripting (XSS) vulnerability was found in pimcore. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.0 |
| purl |
pkg:composer/pimcore/pimcore@10.2.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 19 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 20 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 21 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 22 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 23 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 24 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 25 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 26 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 27 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 28 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 29 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 30 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 31 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 32 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 33 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 34 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 35 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 36 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 37 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 38 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 39 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 40 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 41 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 42 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 43 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 44 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 45 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 46 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 47 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 48 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 49 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 50 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 51 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 52 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 53 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 54 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 55 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 56 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 57 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 58 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 59 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 60 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 61 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 62 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 63 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 64 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 65 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 66 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 67 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 68 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 69 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 70 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 71 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 72 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 73 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 74 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 75 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 76 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 77 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 78 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 79 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 80 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 81 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 82 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 83 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 84 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 85 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 86 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 87 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 88 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 89 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 90 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 91 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 92 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 93 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 94 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.0 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.2.10 |
| purl |
pkg:composer/pimcore/pimcore@10.2.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 12 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 13 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 14 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 15 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 16 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 17 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 18 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 19 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 20 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 21 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 22 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 23 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 24 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 25 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 26 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 27 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 28 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 29 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 30 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 31 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 32 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 33 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 34 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 35 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 36 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 37 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 38 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 39 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 40 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 41 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 42 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 43 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 44 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 45 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 46 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 47 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 48 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 49 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 50 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 51 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 52 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 53 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 54 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 55 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 56 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 57 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 58 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 59 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 60 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 61 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 62 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 63 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 64 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 65 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 66 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 67 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 68 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 69 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 70 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 71 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 72 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 73 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 74 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 75 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 76 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 77 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 78 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 79 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 80 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 81 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 82 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.10 |
|
|
| aliases |
CVE-2022-0251, GHSA-f7q6-xxph-mfm8
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qh25-w41n-eubf |
|
| 77 |
| url |
VCID-rnht-mqx9-sucr |
| vulnerability_id |
VCID-rnht-mqx9-sucr |
| summary |
Cross-site Scripting
Pimcore is an open source data & experience management platform. An authenticated user could add XSS code as a value of custom metadata on assets. There is a patch for this issue in Pimcore As a workaround, users may apply the patch manually. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.1.2 |
| purl |
pkg:composer/pimcore/pimcore@10.1.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 19 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 20 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 21 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 22 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 23 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 24 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 25 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 26 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 27 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 28 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 29 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 30 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 31 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 32 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 33 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 34 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 35 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 36 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 37 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 38 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 39 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 40 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 41 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 42 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 43 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 44 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 45 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 46 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 47 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 48 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 49 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 50 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 51 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 52 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 53 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 54 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 55 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 56 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 57 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 58 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 59 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 60 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 61 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 62 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 63 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 64 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 65 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 66 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 67 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 68 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 69 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 70 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 71 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 72 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 73 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 74 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 75 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 76 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 77 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 78 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 79 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 80 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 81 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 82 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 83 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 84 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 85 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 86 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 87 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 88 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 89 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 90 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 91 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 92 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 93 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 94 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 95 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 96 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 97 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.1.2 |
|
|
| aliases |
CVE-2021-39170, GHSA-2v88-qq7x-xq5f
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rnht-mqx9-sucr |
|
| 78 |
| url |
VCID-s6f2-dbzx-kugz |
| vulnerability_id |
VCID-s6f2-dbzx-kugz |
| summary |
Pimcore vulnerable to cross site scripting
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. Amongst other things, the attacker can perform any action within the application that the user can perform; view any information that the user is able to view; modify any information that the user is able to modify; and/or initiate interactions with other application users, including malicious attacks, that will appear to originate from the initial victim user. A patch for this issue is available at commit 1e916e7d668c9e47b217e20cc0ea4812f466201b and anticipated to be part of version 10.5.7. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.7 |
| purl |
pkg:composer/pimcore/pimcore@10.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 21 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 22 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 23 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 24 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 25 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 26 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 27 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 28 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 29 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 30 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 31 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 32 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 33 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 34 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 35 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 36 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 37 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 38 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 39 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 40 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 41 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 42 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 43 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 44 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 45 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 46 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 47 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 48 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 49 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 50 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 51 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 52 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 53 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 54 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 55 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 56 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 57 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 58 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 59 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 60 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 61 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 62 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.7 |
|
|
| aliases |
CVE-2022-3255, GHSA-wqr6-57qm-hhr5
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s6f2-dbzx-kugz |
|
| 79 |
| url |
VCID-s6xd-j7a8-u3c8 |
| vulnerability_id |
VCID-s6xd-j7a8-u3c8 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, an attacker can use cross-site scripting to send a malicious script to an unsuspecting user. Users may upgrade to version 10.5.19 to receive a patch or, as a workaround, apply the patch manually. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://github.com/pimcore/pimcore/pull/14669.patch |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:29:14Z/ |
|
|
| url |
https://github.com/pimcore/pimcore/pull/14669.patch |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
CVE-2023-28106, GHSA-x5j3-mq9g-8jc8
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s6xd-j7a8-u3c8 |
|
| 80 |
| url |
VCID-sdww-bp7g-9ygj |
| vulnerability_id |
VCID-sdww-bp7g-9ygj |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.1 |
| purl |
pkg:composer/pimcore/pimcore@10.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 11 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 12 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 13 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 14 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 15 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 16 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 17 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 18 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 19 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 20 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 21 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 22 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 23 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 24 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 25 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 26 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 27 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 28 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 29 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 30 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 31 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 32 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 33 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 34 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 35 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 36 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 37 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 38 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 39 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 40 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 41 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 42 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 43 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 44 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 45 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 46 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 47 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 48 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 49 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 50 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 51 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 52 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 53 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 54 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 55 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 56 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 57 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 58 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 59 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 60 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 61 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 62 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 63 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 64 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 65 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 66 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 67 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 68 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 69 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 70 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 71 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 72 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 73 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 74 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.1 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.4.0 |
| purl |
pkg:composer/pimcore/pimcore@10.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 31 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 32 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 33 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 34 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 35 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 36 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 37 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 38 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 39 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 40 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 41 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 42 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 43 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 44 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 45 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 46 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 47 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 48 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 49 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 50 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 51 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 52 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 53 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 54 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 55 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 56 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 57 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 58 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 59 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 60 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 61 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 62 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 63 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 64 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 65 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 66 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.4.0 |
|
|
| aliases |
CVE-2022-0705, GHSA-xmq3-hgjx-6997
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sdww-bp7g-9ygj |
|
| 81 |
| url |
VCID-shds-jhqq-ufd1 |
| vulnerability_id |
VCID-shds-jhqq-ufd1 |
| summary |
pimcore is vulnerable to Cross-Site Request Forgery (CSRF) |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.6 |
| purl |
pkg:composer/pimcore/pimcore@10.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 18 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 19 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 20 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 21 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 22 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 23 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 24 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 25 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 26 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 27 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 28 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 29 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 30 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 31 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 32 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 33 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 34 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 35 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 36 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 37 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 38 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 39 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 40 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 41 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 42 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 43 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 44 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 45 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 46 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 47 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 48 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 49 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 50 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 51 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 52 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 53 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 54 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 55 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 56 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 57 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 58 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 59 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 60 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 61 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 62 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 63 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 64 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 65 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 66 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 67 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 68 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 69 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 70 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 71 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 72 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 73 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 74 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 75 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 76 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 77 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 78 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 79 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 80 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 81 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 82 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 83 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 84 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 85 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 86 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 87 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 88 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 89 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 90 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.6 |
|
|
| aliases |
CVE-2021-4082, GHSA-2v2v-fx7r-f2fh
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-shds-jhqq-ufd1 |
|
| 82 |
| url |
VCID-svwv-zn1s-xbdn |
| vulnerability_id |
VCID-svwv-zn1s-xbdn |
| summary |
Information Exposure Through Discrepancy
Pimcore is an open source data & experience management platform. A flaw was found identifying it is possible to enumerate usernames via the forgot password functionality. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.1.3 |
| purl |
pkg:composer/pimcore/pimcore@10.1.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 19 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 20 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 21 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 22 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 23 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 24 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 25 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 26 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 27 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 28 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 29 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 30 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 31 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 32 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 33 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 34 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 35 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 36 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 37 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 38 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 39 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 40 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 41 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 42 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 43 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 44 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 45 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 46 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 47 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 48 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 49 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 50 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 51 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 52 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 53 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 54 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 55 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 56 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 57 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 58 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 59 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 60 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 61 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 62 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 63 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 64 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 65 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 66 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 67 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 68 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 69 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 70 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 71 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 72 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 73 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 74 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 75 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 76 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 77 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 78 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 79 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 80 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 81 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 82 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 83 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 84 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 85 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 86 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 87 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 88 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 89 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 90 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 91 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 92 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 93 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 94 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 95 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 96 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.1.3 |
|
|
| aliases |
CVE-2021-39189, GHSA-579x-cjvr-cqj9
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-svwv-zn1s-xbdn |
|
| 83 |
|
| 84 |
| url |
VCID-tn1v-4yx7-8uat |
| vulnerability_id |
VCID-tn1v-4yx7-8uat |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.20 |
| purl |
pkg:composer/pimcore/pimcore@10.5.20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 4 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 5 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 6 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 7 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 8 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 9 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 10 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 11 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 12 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 13 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 14 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 15 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 16 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 17 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 18 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 19 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 20 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 21 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 22 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 23 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 24 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 25 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 26 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 27 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 28 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 29 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 30 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 31 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 32 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 33 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 34 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 35 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 36 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20 |
|
| 1 |
|
|
| aliases |
CVE-2023-1701, GHSA-6mmf-qm37-pmgg, GHSA-7r35-chv4-xr3r
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tn1v-4yx7-8uat |
|
| 85 |
| url |
VCID-tx4m-dken-57hp |
| vulnerability_id |
VCID-tx4m-dken-57hp |
| summary |
Cross-site Scripting (XSS) in Conditions tab of Pricing Rules
This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2332, GHSA-r7mm-jx6h-hv7m
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tx4m-dken-57hp |
|
| 86 |
|
| 87 |
| url |
VCID-u889-d2cm-2kfk |
| vulnerability_id |
VCID-u889-d2cm-2kfk |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.6.4. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2023-3821, GHSA-78q2-cv3p-x9fm
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u889-d2cm-2kfk |
|
| 88 |
| url |
VCID-umwk-nrvg-6bg5 |
| vulnerability_id |
VCID-umwk-nrvg-6bg5 |
| summary |
Improper Preservation of Permissions
Pimcore is an open source digital experience platform. In Pimcore it is possible to modify & create website settings without having the appropriate permissions. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@6.8.5 |
| purl |
pkg:composer/pimcore/pimcore@6.8.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-9k8b-a52b-47fx |
|
| 19 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 20 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 21 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 22 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 23 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 24 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 25 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 26 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 27 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 28 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 29 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 30 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 31 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 32 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 33 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 34 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 35 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 36 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 37 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 38 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 39 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 40 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 41 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 42 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 43 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 44 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 45 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 46 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 47 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 48 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 49 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 50 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 51 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 52 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 53 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 54 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 55 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 56 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 57 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 58 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 59 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 60 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 61 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 62 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 63 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 64 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 65 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 66 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 67 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 68 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 69 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 70 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 71 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 72 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 73 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 74 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 75 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 76 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 77 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 78 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 79 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 80 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 81 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 82 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 83 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 84 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 85 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 86 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 87 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 88 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 89 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 90 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 91 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 92 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 93 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 94 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 95 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 96 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 97 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 98 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 99 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 100 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 101 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 102 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 103 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@6.8.5 |
|
|
| aliases |
CVE-2020-26246, GHSA-7p8p-4253-3mg6
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-umwk-nrvg-6bg5 |
|
| 89 |
|
| 90 |
| url |
VCID-upjh-4jdt-xbgd |
| vulnerability_id |
VCID-upjh-4jdt-xbgd |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.20 |
| purl |
pkg:composer/pimcore/pimcore@10.5.20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 4 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 5 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 6 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 7 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 8 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 9 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 10 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 11 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 12 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 13 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 14 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 15 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 16 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 17 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 18 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 19 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 20 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 21 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 22 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 23 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 24 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 25 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 26 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 27 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 28 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 29 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 30 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 31 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 32 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 33 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 34 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 35 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 36 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.20 |
|
| 1 |
|
|
| aliases |
CVE-2023-1703, GHSA-3r5c-h7g6-cqw7, GHSA-4f25-2x2c-vg6v
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-upjh-4jdt-xbgd |
|
| 91 |
| url |
VCID-utnk-dp6a-w3gf |
| vulnerability_id |
VCID-utnk-dp6a-w3gf |
| summary |
Improper Restriction of Excessive Authentication Attempts
Pimcore lacks brute force protection for the 2FA token. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@6.2.2 |
| purl |
pkg:composer/pimcore/pimcore@6.2.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-9k8b-a52b-47fx |
|
| 19 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 20 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 21 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 22 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 23 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 24 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 25 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 26 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 27 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 28 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 29 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 30 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 31 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 32 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 33 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 34 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 35 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 36 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 37 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 38 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 39 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 40 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 41 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 42 |
| vulnerability |
VCID-ejnh-57m7-ffab |
|
| 43 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 44 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 45 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 46 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 47 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 48 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 49 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 50 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 51 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 52 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 53 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 54 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 55 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 56 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 57 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 58 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 59 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 60 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 61 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 62 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 63 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 64 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 65 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 66 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 67 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 68 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 69 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 70 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 71 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 72 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 73 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 74 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 75 |
| vulnerability |
VCID-qrue-na7k-jkf6 |
|
| 76 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 77 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 78 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 79 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 80 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 81 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 82 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 83 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 84 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 85 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 86 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 87 |
| vulnerability |
VCID-umwk-nrvg-6bg5 |
|
| 88 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 89 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 90 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 91 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 92 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 93 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 94 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 95 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 96 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 97 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 98 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 99 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 100 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 101 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 102 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 103 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 104 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 105 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 106 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@6.2.2 |
|
|
| aliases |
CVE-2019-18985, GHSA-hf62-5vxh-jpwj
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-utnk-dp6a-w3gf |
|
| 92 |
| url |
VCID-vqdy-2yzt-7qdf |
| vulnerability_id |
VCID-vqdy-2yzt-7qdf |
| summary |
Cross-Site Request Forgery (CSRF)
Pimcore is an Open Source Data & Experience Management Platform. In affected versions the `/admin/object/grid-proxy` endpoint calls `getFilterCondition()` on fields of classes to be filtered for, passing input from the request, and later executes the returned SQL. One implementation of `getFilterCondition()` is in `Multiselect`, which does not normalize/escape/validate the passed value. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. This vulnerability has been addressed in version 11.1.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2023-47637, GHSA-72hh-xf79-429p
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vqdy-2yzt-7qdf |
|
| 93 |
| url |
VCID-vra6-hemr-kuf1 |
| vulnerability_id |
VCID-vra6-hemr-kuf1 |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, since a user with 'report' permission can already write arbitrary SQL queries and given the fact that this endpoint is using the GET method (no CSRF protection), an attacker can inject an arbitrary query by manipulating a user to click on a link. Users should upgrade to version 10.5.19 to receive a patch or, as a workaround, may apply the patch manually. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
CVE-2023-28438, GHSA-vf7q-g2pv-jxvx
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vra6-hemr-kuf1 |
|
| 94 |
| url |
VCID-vser-cuam-k7hs |
| vulnerability_id |
VCID-vser-cuam-k7hs |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.19. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
CVE-2023-1517, GHSA-42x8-2v53-pqmj
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vser-cuam-k7hs |
|
| 95 |
| url |
VCID-vz1n-rh5e-kfgj |
| vulnerability_id |
VCID-vz1n-rh5e-kfgj |
| summary |
Unrestricted Upload of File with Dangerous Type
In Pimcore, an attacker with limited privileges can bypass file-extension restrictions via a filename, as demonstrated by the failure of automatic renaming of `.php` to `.php.txt` for long filenames. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@5.7.1 |
| purl |
pkg:composer/pimcore/pimcore@5.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-9k8b-a52b-47fx |
|
| 19 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 20 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 21 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 22 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 23 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 24 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 25 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 26 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 27 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 28 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 29 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 30 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 31 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 32 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 33 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 34 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 35 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 36 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 37 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 38 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 39 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 40 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 41 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 42 |
| vulnerability |
VCID-ejnh-57m7-ffab |
|
| 43 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 44 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 45 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 46 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 47 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 48 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 49 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 50 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 51 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 52 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 53 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 54 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 55 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 56 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 57 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 58 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 59 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 60 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 61 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 62 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 63 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 64 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 65 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 66 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 67 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 68 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 69 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 70 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 71 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 72 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 73 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 74 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 75 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 76 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 77 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 78 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 79 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 80 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 81 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 82 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 83 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 84 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 85 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 86 |
| vulnerability |
VCID-umwk-nrvg-6bg5 |
|
| 87 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 88 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 89 |
| vulnerability |
VCID-utnk-dp6a-w3gf |
|
| 90 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 91 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 92 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 93 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 94 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 95 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 96 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 97 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 98 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 99 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 100 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 101 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 102 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 103 |
| vulnerability |
VCID-yq5e-ruk6-9ud2 |
|
| 104 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 105 |
| vulnerability |
VCID-yxfb-p2aw-t3ga |
|
| 106 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 107 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 108 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@5.7.1 |
|
|
| aliases |
CVE-2019-16318, GHSA-cxj7-4jpj-2q38
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vz1n-rh5e-kfgj |
|
| 96 |
| url |
VCID-w2hy-y2fn-m7gz |
| vulnerability_id |
VCID-w2hy-y2fn-m7gz |
| summary |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, a SQL Injection vulnerability exists in the admin translations API. Users should update to version 10.5.21 to receive a patch or, as a workaround, or apply the patch manually. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-30850, GHSA-jwg4-qcgv-5wg6
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w2hy-y2fn-m7gz |
|
| 97 |
| url |
VCID-w2nk-gqyj-3yay |
| vulnerability_id |
VCID-w2nk-gqyj-3yay |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.18 |
| purl |
pkg:composer/pimcore/pimcore@10.5.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 5 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 6 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 7 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 8 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 9 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 10 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 11 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 12 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 13 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 14 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 15 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 16 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 17 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 18 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 19 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 20 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 21 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 22 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 23 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 24 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 25 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 26 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 27 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 28 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 29 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 30 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 31 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 32 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 33 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 34 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 35 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 36 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 37 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 38 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 39 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 40 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 41 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 42 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 43 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 44 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 45 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 46 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 47 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 48 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 49 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 50 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 51 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 52 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 53 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.18 |
|
| 1 |
|
|
| aliases |
CVE-2023-1067, GHSA-f2jh-mf2c-8278
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w2nk-gqyj-3yay |
|
| 98 |
| url |
VCID-w3x1-neky-ckeg |
| vulnerability_id |
VCID-w3x1-neky-ckeg |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.1 |
| purl |
pkg:composer/pimcore/pimcore@10.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 11 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 12 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 13 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 14 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 15 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 16 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 17 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 18 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 19 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 20 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 21 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 22 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 23 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 24 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 25 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 26 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 27 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 28 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 29 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 30 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 31 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 32 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 33 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 34 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 35 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 36 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 37 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 38 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 39 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 40 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 41 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 42 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 43 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 44 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 45 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 46 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 47 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 48 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 49 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 50 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 51 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 52 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 53 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 54 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 55 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 56 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 57 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 58 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 59 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 60 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 61 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 62 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 63 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 64 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 65 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 66 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 67 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 68 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 69 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 70 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 71 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 72 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 73 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 74 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.1 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.4.0 |
| purl |
pkg:composer/pimcore/pimcore@10.4.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 3 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 4 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 5 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 6 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 7 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 8 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 9 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 10 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 11 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 12 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 13 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 14 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 15 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 16 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 17 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 18 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 19 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 20 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 21 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 22 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 23 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 24 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 25 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 26 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 27 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 28 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 29 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 30 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 31 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 32 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 33 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 34 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 35 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 36 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 37 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 38 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 39 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 40 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 41 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 42 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 43 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 44 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 45 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 46 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 47 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 48 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 49 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 50 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 51 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 52 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 53 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 54 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 55 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 56 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 57 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 58 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 59 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 60 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 61 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 62 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 63 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 64 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 65 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 66 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.4.0 |
|
|
| aliases |
CVE-2022-0911, GHSA-j29f-m23h-3p8p
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w3x1-neky-ckeg |
|
| 99 |
| url |
VCID-wj8w-76xv-jucd |
| vulnerability_id |
VCID-wj8w-76xv-jucd |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.19. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
CVE-2023-1429, GHSA-3223-w774-99fq
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wj8w-76xv-jucd |
|
| 100 |
| url |
VCID-wneb-ka1d-rfbw |
| vulnerability_id |
VCID-wneb-ka1d-rfbw |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.8. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2023-4453, GHSA-599v-h3q5-g6r9
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wneb-ka1d-rfbw |
|
| 101 |
| url |
VCID-wqx5-j39q-7yep |
| vulnerability_id |
VCID-wqx5-j39q-7yep |
| summary |
Cross-site Scripting in pimcore
Cross-site Scripting in Packagist pimcore/pimcore prior to 10.3.1. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.3.1 |
| purl |
pkg:composer/pimcore/pimcore@10.3.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 11 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 12 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 13 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 14 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 15 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 16 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 17 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 18 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 19 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 20 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 21 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 22 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 23 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 24 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 25 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 26 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 27 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 28 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 29 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 30 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 31 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 32 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 33 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 34 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 35 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 36 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 37 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 38 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 39 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 40 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 41 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 42 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 43 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 44 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 45 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 46 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 47 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 48 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 49 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 50 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 51 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 52 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 53 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 54 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 55 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 56 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 57 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 58 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 59 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 60 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 61 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 62 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 63 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 64 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 65 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 66 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 67 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 68 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 69 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 70 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 71 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 72 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 73 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 74 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.3.1 |
|
|
| aliases |
CVE-2022-0565, GHSA-h9vc-2p9g-63gp
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wqx5-j39q-7yep |
|
| 102 |
| url |
VCID-wrtm-zhun-ffbt |
| vulnerability_id |
VCID-wrtm-zhun-ffbt |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Pimcore is an open source data and experience management platform. Versions prior to 10.5.19 have an unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Users should upgrade to version 10.5.19 or, as a workaround, apply the patch manually. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
CVE-2023-28429, GHSA-rcg9-hrhx-6q69
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wrtm-zhun-ffbt |
|
| 103 |
| url |
VCID-xks7-nx83-9khy |
| vulnerability_id |
VCID-xks7-nx83-9khy |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pimcore/pimcore. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.19 |
| purl |
pkg:composer/pimcore/pimcore@10.5.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 2 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 3 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 4 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 5 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 6 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 7 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 8 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 9 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 10 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 11 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 12 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 13 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 14 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 15 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 16 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 17 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 18 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 19 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 20 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 21 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 22 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 23 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 24 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 25 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 26 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 27 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 28 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 29 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 30 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 31 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 32 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 33 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 34 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 35 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 36 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 37 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 38 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 39 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 40 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.19 |
|
|
| aliases |
GHSA-rrwm-8wqm-gwgv, GMS-2023-781
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xks7-nx83-9khy |
|
| 104 |
| url |
VCID-xq4y-918u-yfe7 |
| vulnerability_id |
VCID-xq4y-918u-yfe7 |
| summary |
Business Logic Errors in GitHub repository pimcore/pimcore |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.2.6 |
| purl |
pkg:composer/pimcore/pimcore@10.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 18 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 19 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 20 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 21 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 22 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 23 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 24 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 25 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 26 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 27 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 28 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 29 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 30 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 31 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 32 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 33 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 34 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 35 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 36 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 37 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 38 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 39 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 40 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 41 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 42 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 43 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 44 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 45 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 46 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 47 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 48 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 49 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 50 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 51 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 52 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 53 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 54 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 55 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 56 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 57 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 58 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 59 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 60 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 61 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 62 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 63 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 64 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 65 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 66 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 67 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 68 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 69 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 70 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 71 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 72 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 73 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 74 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 75 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 76 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 77 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 78 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 79 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 80 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 81 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 82 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 83 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 84 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 85 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 86 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 87 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 88 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 89 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 90 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.6 |
|
| 1 |
| url |
pkg:composer/pimcore/pimcore@10.2.9 |
| purl |
pkg:composer/pimcore/pimcore@10.2.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 9 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 10 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 11 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 12 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 13 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 14 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 15 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 16 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 17 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 18 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 19 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 20 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 21 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 22 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 23 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 24 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 25 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 26 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 27 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 28 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 29 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 30 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 31 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 32 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 33 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 34 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 35 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 36 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 37 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 38 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 39 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 40 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 41 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 42 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 43 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 44 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 45 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 46 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 47 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 48 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 49 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 50 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 51 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 52 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 53 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 54 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 55 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 56 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 57 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 58 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 59 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 60 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 61 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 62 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 63 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 64 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 65 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 66 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 67 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 68 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 69 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 70 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 71 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 72 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 73 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 74 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 75 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 76 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 77 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 78 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 79 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 80 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 81 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 82 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 83 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.2.9 |
|
|
| aliases |
CVE-2021-4146, GHSA-54hw-mhgh-x4vc
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xq4y-918u-yfe7 |
|
| 105 |
| url |
VCID-xvhk-gv9z-53hb |
| vulnerability_id |
VCID-xvhk-gv9z-53hb |
| summary |
Pimcore is Vulnerable to Broken Access Control: Missing Function Level Authorization on "Static Routes" Listing
The application fails to enforce proper server-side authorization checks on the API endpoint responsible for reading or listing static routes. In Pimcore, static routes are custom URL patterns defined via the backend interface or the var/config/staticroutes.php file, including details like regex-based patterns, controllers, variables, and priorities. These routes are registered automatically through the PimcoreStaticRoutesBundle and integrated into the MVC routing system. Testing revealed that an authenticated backend user lacking explicit permissions was able to invoke the endpoint (e.g., GET /api/static-routes) and retrieve sensitive route configurations. This violates OWASP A01:2021 Broken Access Control, as function-level authorization is absent, allowing unauthorized access to internal routing metadata. Without validation, the endpoint exposes route structures, potentially revealing application architecture, endpoints, or custom logic intended for administrative roles only. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2026-23494, GHSA-m3r2-724c-pwgf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xvhk-gv9z-53hb |
|
| 106 |
| url |
VCID-yq5e-ruk6-9ud2 |
| vulnerability_id |
VCID-yq5e-ruk6-9ud2 |
| summary |
Improper Restriction of Excessive Authentication Attempts
Pimcore allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@6.2.2 |
| purl |
pkg:composer/pimcore/pimcore@6.2.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-9k8b-a52b-47fx |
|
| 19 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 20 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 21 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 22 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 23 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 24 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 25 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 26 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 27 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 28 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 29 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 30 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 31 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 32 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 33 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 34 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 35 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 36 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 37 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 38 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 39 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 40 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 41 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 42 |
| vulnerability |
VCID-ejnh-57m7-ffab |
|
| 43 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 44 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 45 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 46 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 47 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 48 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 49 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 50 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 51 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 52 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 53 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 54 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 55 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 56 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 57 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 58 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 59 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 60 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 61 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 62 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 63 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 64 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 65 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 66 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 67 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 68 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 69 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 70 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 71 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 72 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 73 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 74 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 75 |
| vulnerability |
VCID-qrue-na7k-jkf6 |
|
| 76 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 77 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 78 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 79 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 80 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 81 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 82 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 83 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 84 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 85 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 86 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 87 |
| vulnerability |
VCID-umwk-nrvg-6bg5 |
|
| 88 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 89 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 90 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 91 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 92 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 93 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 94 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 95 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 96 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 97 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 98 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 99 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 100 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 101 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 102 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 103 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 104 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 105 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 106 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@6.2.2 |
|
|
| aliases |
CVE-2019-18986, GHSA-8889-9g3f-73rj
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yq5e-ruk6-9ud2 |
|
| 107 |
| url |
VCID-yrnf-q3z4-jfh1 |
| vulnerability_id |
VCID-yrnf-q3z4-jfh1 |
| summary |
Pimcore ENV Variables and Cookie Informations are exposed in http_error_log
The http_error_log file stores the $_COOKIE and $_SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through the Pimcore backend. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2026-23493, GHSA-q433-j342-rp9h
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yrnf-q3z4-jfh1 |
|
| 108 |
| url |
VCID-yxfb-p2aw-t3ga |
| vulnerability_id |
VCID-yxfb-p2aw-t3ga |
| summary |
Inappropriate Encoding for Output Context
Pimcore lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@6.2.2 |
| purl |
pkg:composer/pimcore/pimcore@6.2.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1qrb-ra1y-1uf3 |
|
| 1 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 2 |
| vulnerability |
VCID-23ea-6aqe-37eb |
|
| 3 |
| vulnerability |
VCID-29a6-htj3-z3dr |
|
| 4 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 5 |
| vulnerability |
VCID-3554-b9ab-rqc9 |
|
| 6 |
| vulnerability |
VCID-3qx3-fvbw-3fay |
|
| 7 |
| vulnerability |
VCID-3y83-5tzw-g3h3 |
|
| 8 |
| vulnerability |
VCID-42wv-rbrs-43eh |
|
| 9 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 10 |
| vulnerability |
VCID-66tj-dw5v-kqdm |
|
| 11 |
| vulnerability |
VCID-6p5t-7h74-gueh |
|
| 12 |
| vulnerability |
VCID-6sy7-7q66-g3b2 |
|
| 13 |
| vulnerability |
VCID-7km3-dmkc-dygb |
|
| 14 |
| vulnerability |
VCID-8db4-zxk5-tqab |
|
| 15 |
| vulnerability |
VCID-8mnw-8egh-cycq |
|
| 16 |
| vulnerability |
VCID-8p88-g4b6-sfg3 |
|
| 17 |
| vulnerability |
VCID-91fn-ycss-c3c1 |
|
| 18 |
| vulnerability |
VCID-9k8b-a52b-47fx |
|
| 19 |
| vulnerability |
VCID-a66j-sth4-d3dc |
|
| 20 |
| vulnerability |
VCID-a9rr-m13m-yuc6 |
|
| 21 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 22 |
| vulnerability |
VCID-b5sk-cu89-hubw |
|
| 23 |
| vulnerability |
VCID-b8x1-6xn4-c7gm |
|
| 24 |
| vulnerability |
VCID-begq-psyd-fyh3 |
|
| 25 |
| vulnerability |
VCID-bqh2-mx6q-pygq |
|
| 26 |
| vulnerability |
VCID-c2ht-41t3-eqaq |
|
| 27 |
| vulnerability |
VCID-c8ex-6vwd-zkd4 |
|
| 28 |
| vulnerability |
VCID-ccyy-h9dp-cya2 |
|
| 29 |
| vulnerability |
VCID-cndq-yx1e-jkg7 |
|
| 30 |
| vulnerability |
VCID-cr5h-bz5b-jufg |
|
| 31 |
| vulnerability |
VCID-cyfe-vput-1fbk |
|
| 32 |
| vulnerability |
VCID-d3ns-rfuc-dkdp |
|
| 33 |
| vulnerability |
VCID-d6cw-a4th-eueu |
|
| 34 |
| vulnerability |
VCID-dakz-7vpr-ykbe |
|
| 35 |
| vulnerability |
VCID-daqy-9srj-kkbc |
|
| 36 |
| vulnerability |
VCID-de2k-yy77-6yhn |
|
| 37 |
| vulnerability |
VCID-dmkv-tpma-qbfn |
|
| 38 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 39 |
| vulnerability |
VCID-dt28-cwh4-gyga |
|
| 40 |
| vulnerability |
VCID-e35r-qy72-4uaj |
|
| 41 |
| vulnerability |
VCID-e9sz-xvw9-4fbb |
|
| 42 |
| vulnerability |
VCID-ejnh-57m7-ffab |
|
| 43 |
| vulnerability |
VCID-erpf-xa8n-afcf |
|
| 44 |
| vulnerability |
VCID-f1st-tu3e-5qem |
|
| 45 |
| vulnerability |
VCID-fjvx-uvar-6fcq |
|
| 46 |
| vulnerability |
VCID-fk9y-7e4h-3uey |
|
| 47 |
| vulnerability |
VCID-fkd6-pyag-kyc6 |
|
| 48 |
| vulnerability |
VCID-fzt2-896e-wudc |
|
| 49 |
| vulnerability |
VCID-g2xz-1vbj-qufd |
|
| 50 |
| vulnerability |
VCID-g8h5-e165-1bay |
|
| 51 |
| vulnerability |
VCID-g8ha-yccg-p3f8 |
|
| 52 |
| vulnerability |
VCID-gt5w-6b92-1qfz |
|
| 53 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 54 |
| vulnerability |
VCID-hz2p-k88z-nbdb |
|
| 55 |
| vulnerability |
VCID-j8d3-zaj3-xuax |
|
| 56 |
| vulnerability |
VCID-jmdu-dpju-abee |
|
| 57 |
| vulnerability |
VCID-jv87-2e53-13as |
|
| 58 |
| vulnerability |
VCID-kb9x-es6p-73eh |
|
| 59 |
| vulnerability |
VCID-kw4t-2xte-b3du |
|
| 60 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 61 |
| vulnerability |
VCID-muk7-qswq-j3cy |
|
| 62 |
| vulnerability |
VCID-mvg7-d7ef-37fj |
|
| 63 |
| vulnerability |
VCID-n6ne-ucpz-u3bb |
|
| 64 |
| vulnerability |
VCID-n6nv-8sfz-mbce |
|
| 65 |
| vulnerability |
VCID-nkvu-1mye-dfbm |
|
| 66 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 67 |
| vulnerability |
VCID-p33r-uxhp-q3eu |
|
| 68 |
| vulnerability |
VCID-p3g5-vbhk-h3h7 |
|
| 69 |
| vulnerability |
VCID-p3kp-be4v-nqca |
|
| 70 |
| vulnerability |
VCID-ppb6-perx-z7g3 |
|
| 71 |
| vulnerability |
VCID-ppum-bu2e-b3hr |
|
| 72 |
| vulnerability |
VCID-pygu-76pc-r7as |
|
| 73 |
| vulnerability |
VCID-q4w5-13sd-xfdr |
|
| 74 |
| vulnerability |
VCID-qh25-w41n-eubf |
|
| 75 |
| vulnerability |
VCID-qrue-na7k-jkf6 |
|
| 76 |
| vulnerability |
VCID-rnht-mqx9-sucr |
|
| 77 |
| vulnerability |
VCID-s6f2-dbzx-kugz |
|
| 78 |
| vulnerability |
VCID-s6xd-j7a8-u3c8 |
|
| 79 |
| vulnerability |
VCID-sdww-bp7g-9ygj |
|
| 80 |
| vulnerability |
VCID-shds-jhqq-ufd1 |
|
| 81 |
| vulnerability |
VCID-svwv-zn1s-xbdn |
|
| 82 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 83 |
| vulnerability |
VCID-tn1v-4yx7-8uat |
|
| 84 |
| vulnerability |
VCID-tx4m-dken-57hp |
|
| 85 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 86 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 87 |
| vulnerability |
VCID-umwk-nrvg-6bg5 |
|
| 88 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 89 |
| vulnerability |
VCID-upjh-4jdt-xbgd |
|
| 90 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 91 |
| vulnerability |
VCID-vra6-hemr-kuf1 |
|
| 92 |
| vulnerability |
VCID-vser-cuam-k7hs |
|
| 93 |
| vulnerability |
VCID-w2hy-y2fn-m7gz |
|
| 94 |
| vulnerability |
VCID-w2nk-gqyj-3yay |
|
| 95 |
| vulnerability |
VCID-w3x1-neky-ckeg |
|
| 96 |
| vulnerability |
VCID-wj8w-76xv-jucd |
|
| 97 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 98 |
| vulnerability |
VCID-wqx5-j39q-7yep |
|
| 99 |
| vulnerability |
VCID-wrtm-zhun-ffbt |
|
| 100 |
| vulnerability |
VCID-xks7-nx83-9khy |
|
| 101 |
| vulnerability |
VCID-xq4y-918u-yfe7 |
|
| 102 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 103 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
| 104 |
| vulnerability |
VCID-znuu-45u6-5uc7 |
|
| 105 |
| vulnerability |
VCID-zrfm-ght3-yfht |
|
| 106 |
| vulnerability |
VCID-zybv-3qck-dqgs |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@6.2.2 |
|
|
| aliases |
CVE-2019-18981, GHSA-jhcf-j4hg-v64r
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yxfb-p2aw-t3ga |
|
| 109 |
| url |
VCID-znuu-45u6-5uc7 |
| vulnerability_id |
VCID-znuu-45u6-5uc7 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 11.0.0. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2023-1247, GHSA-8wg7-88cg-7p9j
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-znuu-45u6-5uc7 |
|
| 110 |
| url |
VCID-zrfm-ght3-yfht |
| vulnerability_id |
VCID-zrfm-ght3-yfht |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2615, GHSA-q7cc-m6jw-m262
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zrfm-ght3-yfht |
|
| 111 |
| url |
VCID-zybv-3qck-dqgs |
| vulnerability_id |
VCID-zybv-3qck-dqgs |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/pimcore/pimcore@10.5.21 |
| purl |
pkg:composer/pimcore/pimcore@10.5.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-21s4-mb97-v7bh |
|
| 1 |
| vulnerability |
VCID-2gzw-gxs8-zkbq |
|
| 2 |
| vulnerability |
VCID-53nb-8vf3-9ubb |
|
| 3 |
| vulnerability |
VCID-b358-dxdm-vqe7 |
|
| 4 |
| vulnerability |
VCID-dmrj-fj5a-vqbh |
|
| 5 |
| vulnerability |
VCID-hmpr-1fgb-jqea |
|
| 6 |
| vulnerability |
VCID-m5ct-vypc-kbgv |
|
| 7 |
| vulnerability |
VCID-nnem-28fp-xugy |
|
| 8 |
| vulnerability |
VCID-tcpz-9zjx-q3c7 |
|
| 9 |
| vulnerability |
VCID-u66z-9utb-7uf2 |
|
| 10 |
| vulnerability |
VCID-u889-d2cm-2kfk |
|
| 11 |
| vulnerability |
VCID-upfw-kpy5-3qd8 |
|
| 12 |
| vulnerability |
VCID-vqdy-2yzt-7qdf |
|
| 13 |
| vulnerability |
VCID-wneb-ka1d-rfbw |
|
| 14 |
| vulnerability |
VCID-xvhk-gv9z-53hb |
|
| 15 |
| vulnerability |
VCID-yrnf-q3z4-jfh1 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/pimcore/pimcore@10.5.21 |
|
|
| aliases |
CVE-2023-2328, GHSA-2295-vh28-pphc
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zybv-3qck-dqgs |
|