Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/05/05 8:21 p.m.8 views

CVE-2026-5394

An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled composite index metadata and trigger unintended SQL execution in the backend. This issue affects pimcore: 12.3.3...

7CVSS6AI score0.00346EPSS
Exploits0References1
OSV
OSV
added 2026/04/27 9:31 p.m.5 views

GHSA-C8G3-X47W-8Q7P Duplicate Advisory: Pimcore admin users can trigger SQL Injection

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r2f4-ff2p-xc64. This link is maintained to preserve external references. Original Description An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controll...

7CVSS5.9AI score0.00346EPSS
Exploits0References4
NVD
NVD
added 2026/04/27 8:16 p.m.7 views

CVE-2026-5394

An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled composite index metadata and trigger unintended SQL execution in the backend. This issue affects pimcore: 12.3.3...

7CVSS0.00346EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/27 7:15 p.m.4 views

CVE-2026-5394

An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled composite index metadata and trigger unintended SQL execution in the backend. This issue affects pimcore: 12.3.3...

7CVSS5.8AI score0.00346EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.18 views

PT-2026-35518

Name of the Vulnerable Software and Affected Versions Pimcore version 12.3.3 Description An authenticated administrative user with permissions to import or save DataObject class definitions can inject malicious composite index metadata. This action allows the execution of unintended SQL commands ...

7CVSS6AI score0.00346EPSS
Exploits0References13
Rows per page
Query Builder