Lucene search

K

CVE-2014-2921

🗓️ 21 Apr 2014 22:08:55Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 35 Views

The getObjectByToken function in Newsletter.php in pimcore 1.4.9 through 2.0.0 allows remote PHP object injection attacks via vectors involving a Zend_Pdf_ElementFactory_Proxy object and a pathname with a trailing \0 character

Show more
Related
Detection
Refs
ReporterTitlePublishedViews
Family
Prion
Design/Logic Flaw
21 Apr 201422:55
prion
NVD
CVE-2014-2921
21 Apr 201422:55
nvd
Cvelist
CVE-2014-2921
21 Apr 201422:00
cvelist
Github Security Blog
Pimcore Vulnerable to PHP Object Injection Attacks
17 May 202204:46
github
OSV
Pimcore Vulnerable to PHP Object Injection Attacks
17 May 202204:46
osv
Exploit DB
Pimcore CMS 1.4.9 <2.1.0 - Multiple Vulnerabilities
12 Oct 201400:00
exploitdb
exploitpack
Pimcore CMS 1.4.9 2.1.0 - Multiple Vulnerabilities
12 Oct 201400:00
exploitpack
Nvd
Node
pimcorepimcoreMatch1.4.9
OR
pimcorepimcoreMatch1.5.0
OR
pimcorepimcoreMatch2.1.0
OR
pimcorepimcoreMatch2.2.0

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo