Christian F

16 exploits Active since Feb 2023
CVE-2023-0827 WRITEUP MEDIUM WRITEUP
pimcore < 1.5.17 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 1.5.17.
CVSS 5.4
CVE-2023-1067 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.18 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18.
CVSS 5.4
CVE-2023-1116 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.18 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18.
CVSS 5.4
CVE-2023-1117 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.18 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.18.
CVSS 5.4
CVE-2023-1578 WRITEUP HIGH WRITEUP
pimcore < 10.5.19 - SQL Injection
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.19.
CVSS 8.8
CVE-2023-2327 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.21 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 5.4
CVE-2023-2328 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.21 - Cross-Site Scripting
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 5.4
CVE-2023-2338 WRITEUP HIGH WRITEUP
pimcore < 10.5.21 - SQL Injection
SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 8.8
CVE-2023-2341 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.21 - Cross-Site Scripting
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 6.1
CVE-2023-2342 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.21 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 5.4
CVE-2023-2361 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.21 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 5.4
CVE-2023-2615 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.21 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 5.4
CVE-2023-2616 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.21 - Cross-Site Scripting
Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 5.4
CVE-2023-2630 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.21 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.
CVSS 4.8
CVE-2023-28106 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.19 - Cross-Site Scripting
Pimcore is an open source data and experience management platform. Prior to version 10.5.19, an attacker can use cross-site scripting to send a malicious script to an unsuspecting user. Users may upgrade to version 10.5.19 to receive a patch or, as a workaround, apply the patch manually.
CVSS 6.1
CVE-2023-2984 WRITEUP HIGH WRITEUP
pimcore < 10.5.22 - Path Traversal via Backslash Dot-Dot-Slash Sequence
Path Traversal: '\..\filename' in GitHub repository pimcore/pimcore prior to 10.5.22.
CVSS 8.8