dpahuja

7 exploits Active since Dec 2021
CVE-2021-4139 WRITEUP CRITICAL WRITEUP
Pimcore < 10.2.7 - XSS
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS 9.0
CVE-2022-0285 WRITEUP MEDIUM WRITEUP
Packagist pimcore/pimcore <10.2.9 - XSS
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.9.
CVSS 5.4
CVE-2022-0509 WRITEUP MEDIUM WRITEUP
Packagist pimcore/pimcore <10.3.1 - XSS
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1.
CVSS 5.4
CVE-2022-0510 WRITEUP MEDIUM WRITEUP
Packagist pimcore/pimcore <10.3.1 - XSS
Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1.
CVSS 5.4
CVE-2022-0665 WRITEUP MEDIUM WRITEUP
pimcore <10.3.2 - Path Traversal
Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2.
CVSS 6.5
CVE-2022-0955 WRITEUP MEDIUM WRITEUP
Pimcore Data-hub < 1.2.4 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4.
CVSS 4.8
CVE-2022-1219 WRITEUP HIGH WRITEUP
Pimcore < 10.3.5 - SQL Injection
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data
CVSS 7.5