RSS   Vulnerabilities for 'Pimcore'   RSS

2019-11-18
 
CVE-2019-10763

CWE-89
 

 
pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a payload for trigger a time based or error based sql injection.

 
2019-11-15
 
CVE-2019-18986

CWE-307
 

 
Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.

 
 
CVE-2019-18985

CWE-307
 

 
Pimcore before 6.2.2 lacks brute force protection for the 2FA token.

 
 
CVE-2019-18982

CWE-79
 

 
bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.

 
 
CVE-2019-18981

CWE-838
 

 
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.

 
2019-09-14
 
CVE-2019-16318

CWE-434
 

 
In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317.

 
 
CVE-2019-16317

CWE-502
 

 
In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerability than CVE-2019-10867 and CVE-2019-16318.

 
2019-04-04
 
CVE-2019-10867

CWE-502
 

 
An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php.

 
2018-08-24
 
CVE-2018-14059

CWE-79
 

 
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions.

 
2018-08-17
 
CVE-2018-14058

 

 
Pimcore before 5.3.0 allows SQL Injection via the REST web service API.

 


Copyright 2020, cxsecurity.com

 

Back to Top