
aimeos — Vulnerabilities & Security Advisories (12)

Browse all 12 CVE security advisories affecting aimeos. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2021-47763 | Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection | Aimeos Laravel ecommerce platform | CWE-89 | 8.2 | High | 2026-01-15 |
| CVE-2025-66468 | Aimeos GrapesJS CMS extension possible stores XSS exploitable by authenticated editors | ai-cms-grapesjs | CWE-79 | 7.7 | High | 2025-12-02 |
| CVE-2024-47173 | Aimeos GraphQL API admin interface denial of service vulnerability in SaaS and marketplace setups | ai-admin-graphql | CWE-270 | 5.5 | Medium | 2024-10-24 |
| CVE-2024-39319 | aimeos/ai-controller-frontend has IDOR vulnerability in account profile page | ai-controller-frontend | CWE-639 | -- | AI | 2024-09-26 |
| CVE-2024-39325 | aimeos/ai-controller-frontend doesn't reset payment status in basket | ai-controller-frontend | CWE-841 | 5.3 | Medium | 2024-07-02 |
| CVE-2024-39322 | aimeos/ai-admin-jsonadm improper access control vulnerability allows editors to remove required records | ai-admin-jsonadm | CWE-863 | 5.5 | Medium | 2024-07-02 |
| CVE-2024-39324 | aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services | ai-admin-graphql | CWE-1220 | 3.8 | Low | 2024-07-02 |
| CVE-2024-39323 | aimeos/ai-admin-graphql improper access control vulnerability allows an editor to modify admin account | ai-admin-graphql | CWE-1220 | 7.1 | High | 2024-07-02 |
| CVE-2024-38516 | Aimeos HTML client may potentially reveal sensitive information in error log | ai-client-html | CWE-1295 | 8.8 | High | 2024-06-25 |
| CVE-2024-37296 | Aimeos HTML client vulnerable to digital products download without proper payment status check | ai-client-html | CWE-841 | 5.3 | Medium | 2024-06-11 |
| CVE-2024-37295 | Aimeos Core remote code execution in web server context | aimeos-core | CWE-73 | 7.2 | High | 2024-06-11 |
| CVE-2024-37294 | Aimeos denial of service vulnerability in SaaS and marketplace setups | aimeos-core | CWE-270 | 5.5 | Medium | 2024-06-11 |

This page lists every published CVE security advisory associated with aimeos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.