| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-37280 | Pimcore admin UI vulnerable to Cross-site Scripting in two factor authentication setup page | pimcore | admin-ui-classic-bundle | Medium | 5.0 | 2023-07-11 18:19:37 | Deep Dive |
| CVE-2023-3574 | Improper Authorization in pimcore/customer-data-framework | pimcore | pimcore/customer-data-framework | 中危 | - | 2023-07-10 08:48:32 | Deep Dive |
| CVE-2023-2984 | Path Traversal: '\..\filename' in pimcore/pimcore | pimcore | pimcore/pimcore | 高危 | - | 2023-05-30 00:00:00 | Deep Dive |
| CVE-2023-2983 | Privilege Defined With Unsafe Actions in pimcore/pimcore | pimcore | pimcore/pimcore | 高危 | - | 2023-05-30 00:00:00 | Deep Dive |
| CVE-2023-2881 | Storing Passwords in a Recoverable Format in pimcore/customer-data-framework | pimcore | pimcore/customer-data-framework | 中危 | - | 2023-05-25 00:00:00 | Deep Dive |
| CVE-2023-2756 | SQL Injection in pimcore/customer-data-framework | pimcore | pimcore/customer-data-framework | 高危 | - | 2023-05-17 00:00:00 | Deep Dive |
| CVE-2023-2730 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore | pimcore | pimcore/pimcore | 中危 | - | 2023-05-16 00:00:00 | Deep Dive |
| CVE-2023-32075 | Pimcore vulnerable to Business Logic Errors in Customer automation rules | pimcore | customer-data-framework | Medium | 4.3 | 2023-05-11 16:39:38 | Deep Dive |
| CVE-2023-2630 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore | pimcore | pimcore/pimcore | 中危 | - | 2023-05-10 00:00:00 | Deep Dive |
| CVE-2023-2614 | Cross-site Scripting (XSS) - DOM in pimcore/pimcore | pimcore | pimcore/pimcore | 中危 | - | 2023-05-10 00:00:00 | Deep Dive |
| CVE-2023-2615 | Cross-site Scripting (XSS) - Reflected in pimcore/pimcore | pimcore | pimcore/pimcore | 中危 | - | 2023-05-10 00:00:00 | Deep Dive |
| CVE-2023-2616 | Cross-site Scripting (XSS) - Generic in pimcore/pimcore | pimcore | pimcore/pimcore | 中危 | - | 2023-05-10 00:00:00 | Deep Dive |
| CVE-2023-2629 | Improper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework | pimcore | pimcore/customer-data-framework | 高危 | - | 2023-05-10 00:00:00 | Deep Dive |
| CVE-2023-30855 | Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php | pimcore | pimcore | Medium | 6.5 | 2023-05-08 17:59:14 | Deep Dive |
| CVE-2023-2361 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore | pimcore | pimcore/pimcore | 中危 | - | 2023-04-28 00:00:00 | Deep Dive |
| CVE-2023-30852 | Pimcore Arbitrary File Read in Admin JS CSS files | pimcore | pimcore | Medium | 4.4 | 2023-04-27 16:44:28 | Deep Dive |
| CVE-2023-30850 | Pimcore SQL Injection Vulnerability in Admin Translations API | pimcore | pimcore | High | 8.8 | 2023-04-27 16:13:12 | Deep Dive |
| CVE-2023-30849 | Pimcore vulnerable to SQL Injection in Translation Export API | pimcore | pimcore | High | 8.8 | 2023-04-27 15:58:16 | Deep Dive |
| CVE-2023-30848 | Pimcore SQL Injection Vulnerability in Admin Search Find API | pimcore | pimcore | High | 8.8 | 2023-04-27 15:03:31 | Deep Dive |
| CVE-2023-2338 | SQL Injection in pimcore/pimcore | pimcore | pimcore/pimcore | 高危 | - | 2023-04-27 00:00:00 | Deep Dive |