Divesh Pahuja

16 exploits Active since Mar 2022
CVE-2022-0704 WRITEUP MEDIUM WRITEUP
GitHub pimcore/pimcore <10.4.0 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVSS 5.4
CVE-2022-0705 WRITEUP MEDIUM WRITEUP
GitHub pimcore/pimcore <10.4.0 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVSS 5.4
CVE-2022-0893 WRITEUP MEDIUM WRITEUP
pimcore < 10.3.0 and 10.4.0 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVSS 5.4
CVE-2022-0894 WRITEUP MEDIUM WRITEUP
pimcore < 10.3.0 and 10.3.0-10.4.0 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVSS 5.4
CVE-2022-0911 WRITEUP MEDIUM WRITEUP
pimcore < 10.3.0 and 10.3.0-10.4.0 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVSS 5.4
CVE-2022-2796 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.4 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.4.
CVSS 4.8
CVE-2022-3211 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.6 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.6.
CVSS 5.4
CVE-2022-39365 WRITEUP CRITICAL WRITEUP
pimcore < 10.5.9 - Server-Side Template Injection in Twig Template Rendering
Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates rendering in `Pimcore/Mail` & `ClassDefinition\Layout\Text` is vulnerable to server-side template injection, which could lead to remote code execution. Version 10.5.9 contains a patch for this issue. As a workaround, one may apply the patch manually.
CVSS 9.8
CVE-2023-1312 WRITEUP MEDIUM WRITEUP
pimcore < 10.5.19 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.19.
CVSS 4.8
CVE-2023-2881 WRITEUP MEDIUM WRITEUP
pimcore/customer-data-framework <3.3.10 - Info Disclosure
Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.
CVSS 4.9
CVE-2023-46722 WRITEUP MEDIUM WRITEUP
Pimcore Admin Classic Bundle <1.2.0 - XSS
The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Users should upgrade to version 1.2.0 to receive a patch or, as a workaround, apply the patch manually.
CVSS 6.1
CVE-2023-46722 WRITEUP MEDIUM WRITEUP
Pimcore Admin Classic Bundle <1.2.0 - XSS
The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Users should upgrade to version 1.2.0 to receive a patch or, as a workaround, apply the patch manually.
CVSS 6.1
CVE-2023-47636 WRITEUP MEDIUM WRITEUP
Pimcore Admin Classic Bundle < 1.2.1 - Full Path Disclosure via fopen Error Handling
The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection) query to view the page source, require the attacker to have the full path to the file they wish to view. In the case of pimcore, the fopen() function here doesn't have an error handle when the file doesn't exist on the server so the server response raises the full path "fopen(/var/www/html/var/tmp/export-{ uniqe id}.csv)". This issue has been patched in commit `10d178ef771` which has been included in release version 1.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS 5.3
CVE-2023-49075 WRITEUP HIGH WRITEUP
Pimcore <1.2.2 - Privilege Escalation
The Admin Classic Bundle provides a Backend UI for Pimcore. `AdminBundle\Security\PimcoreUserTwoFactorCondition` introduced in v11 disable the two factor authentication for all non-admin security firewalls. An authenticated user can access the system without having to provide the two factor credentials. This issue has been patched in version 1.2.2.
CVSS 8.4
CVE-2023-5844 WRITEUP HIGH WRITEUP
pimcore admin_classic_bundle < 1.1.4 and admin-ui-classic-bundle < 1.2.0-RC1 - Unverified Password Change
Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.
CVSS 7.2
CVE-2023-5873 WRITEUP MEDIUM WRITEUP
pimcore < 11.1.0 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 11.1.0.
CVSS 5.4