CVE-2022-0665 – Path Traversal in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0665
Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2. Un Salto de Ruta en el repositorio de GitHub pimcore/pimcore versiones anteriores a 10.3.2 • https://github.com/pimcore/pimcore/commit/28945649a6234ccaa8c94c6cd83d1954603baf3e https://huntr.dev/bounties/423df64d-c591-4ad9-bf1c-411bcbc06ba3 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2022-0565 – Cross-site Scripting in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0565
Cross-site Scripting in Packagist pimcore/pimcore prior to 10.3.1. Una Exposición de Información Confidencial a un Actor no Autorizado en Packagist pimcore/pimcore versiones anteriores a 10.3.1 • https://github.com/pimcore/pimcore/commit/7697f709a501860144352696e583a2533a6e1245 https://huntr.dev/bounties/b0b29656-4bbe-41cf-92f6-8579df0b6de5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-0510 – Cross-site Scripting (XSS) - Reflected in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0510
Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en Packagist pimcore/pimcore versiones anteriores a 10.3.1 • https://github.com/pimcore/pimcore/commit/b5a9ad65e5a4dde1916f02019f8686ad835681ce https://huntr.dev/bounties/bb3525d5-dedc-48b8-ab04-ad4c72499abe • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-0509 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0509
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en Packagist pimcore/pimcore versiones anteriores a 10.3.1 • https://github.com/pimcore/pimcore/commit/6ccb5c12fc1be065ebce9c89c4677ee939b88597 https://huntr.dev/bounties/26cdf86c-8edc-4af6-8411-d569699ecd1b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-0348 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0348
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en Packagist pimcore/pimcore versiones anteriores a 10.2 • https://github.com/pimcore/pimcore/commit/832c34aeb9f21f213295a0c28377132df996352a https://huntr.dev/bounties/250e79be-7e5d-4ba3-9c34-655e39ade2f4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •