CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0263 – Unrestricted Upload of File with Dangerous Type in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0263
Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7. Una Carga Irrestricta de Archivo de Tipo Peligroso en el Empaquetador pimcore/pimcore versiones anteriores a 10.2.7 • https://github.com/pimcore/pimcore/commit/35d1853baf64d6a1d90fd8803e52439da53a3911 https://huntr.dev/bounties/96506857-06bc-4c84-88b7-4f397715bcf6 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0262 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0262
Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.7. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en Packagist pimcore/pimcore versiones anteriores a 10.2.7 • https://github.com/pimcore/pimcore/commit/6f36e841ce55f67e2e95253dd58f80659ef166c7 https://huntr.dev/bounties/b38a4e14-5dcb-4e49-9990-494dc2a8fa0d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-4146 – Business Logic Errors in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2021-4146
Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6. Unos Errores de Lógica de Negocio en el repositorio de GitHub pimcore/pimcore versiones anteriores a 10.2.6 • https://github.com/pimcore/pimcore/commit/7011922f7f0f97a82d8c378559b91fcdb34604a6 https://huntr.dev/bounties/47b37054-cafe-4f48-8b40-c86efc7fb760 • CWE-840: Business Logic Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0260 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0260
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.7. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub pimcore/pimcore versiones anteriores a 10.2.7 • https://github.com/pimcore/pimcore/commit/3125d5f0c04cfb5835857ca9416f0bb143130a2f https://huntr.dev/bounties/89e4ab60-21ec-4396-92ad-5b78d4c2897e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0257 – Cross-site Scripting (XSS) - Stored in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-0257
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') pimcore es vulnerable a una Neutralización Inapropiada de la Entrada Durante la Generación de la Página Web ("Cross-site Scripting") • https://github.com/pimcore/pimcore/commit/dfaf78b26fb77990267c0cc05b9fcb9f8de7b66d https://huntr.dev/bounties/bad2073c-bbd5-4425-b3e9-c336b73ddda6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •