CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. An admin who has not setup two factor authentication before is vulnerable for this attack, without need for any form of privilege, causing the application to execute arbitrary scripts/HTML content. This...

6.1CVSS7.6AI score0.00018EPSS

Exploits0

RedhatCVE•added 2025/05/23 1:58 a.m.•4 views

CVE-2023-47636

The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure FPD vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the loadfile within a SQL Injection query to view the page...

5.3CVSS7.4AI score0.00005EPSS

Exploits1References1

Snyk•added 2025/02/07 8:41 p.m.•4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the reset password link sent through the Forgot Password functionality. An attacker can determine valid user accounts by observing error messages that disclose whether an account exists. Remediation Upgrade...

6.9CVSS7AI score0.00008EPSS

Exploits1References2

RedhatCVE•added 2025/02/05 1:1 p.m.•7 views

CVE-2024-25625

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. A potential security vulnerability has been discovered in pimcore/admin-ui-classic-bundle prior to version 1.3.4. The vulnerability involves a Host Header Injection in the invitationLinkAction function of the UserController,...

9.3CVSS7AI score0.00029EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by