2 matches found
CVE-2023-30855
Pimcore Path Traversal (CVE-2023-30855) affects Pimcore versions before 10.5.18, specifically in AdminBundle/Controller/Reports/CustomReportController.php. The vulnerability allows path traversal and arbitrary file creation/append operations; when combined with SQL Injection, it can expose or rea...
CVE-2023-30855 Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php
Pimcore is an open source data and experience management platform. Versions of Pimcore prior to 10.5.18 are vulnerable to path traversal. The impact of this path traversal and arbitrary extension is limited to creation of arbitrary files and appending data to existing files. When combined with th...