CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1429 – SQL injection in GridHelperService.php in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-1429
SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6. This vulnerability is capable of steal the data Una inyección SQL en el archivo GridHelperService.php en el repositorio de GitHub pimcore/pimcore versiones anteriores a 10.3.6. Esta vulnerabilidad es capaz de robar los datos • https://github.com/pimcore/pimcore/commit/523a735ab94f004459b84ffdfd3db784586bbd82 https://huntr.dev/bounties/cfba30b4-85fa-4499-9160-cd6e3119310e • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1351 – Stored XSS in Tooltip in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-1351
Stored XSS in Tooltip in GitHub repository pimcore/pimcore prior to 10.4. Una vulnerabilidad de tipo XSS almacenado en Tooltip en el repositorio de GitHub pimcore/pimcore versiones anteriores a 10.4 • https://github.com/pimcore/pimcore/commit/8c39a8b8f14dce078b31f61c4da599ca6f8fc7ac https://huntr.dev/bounties/c23ae6c2-2e53-4bf5-85b0-e90418476615 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1339 – SQL injection in ElementController.php in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-1339
SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data Una Inyección SQL en el archivo ElementController.php en el repositorio de GitHub pimcore/pimcore versiones anteriores a 10.3.5. Esta vulnerabilidad es capaz de robar los datos • https://github.com/pimcore/pimcore/commit/adae3be64427466bf0df15ceaea2ac30da93752c https://huntr.dev/bounties/ae8dc737-844e-40da-a9f7-e72d8e50f6f9 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1219 – SQL injection in RecyclebinController.php in pimcore/pimcore
https://notcve.org/view.php?id=CVE-2022-1219
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data Una inyección SQL en el archivo RecyclebinController.php en el repositorio de GitHub pimcore/pimcore versiones anteriores a 10.3.5. Esta vulnerabilidad es capaz de robar los datos • https://github.com/pimcore/pimcore/commit/a697830359df06246acca502ee2455614de68017 https://huntr.dev/bounties/f700bd18-1fd3-4a05-867f-07176aebc7f6 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0955 – Cross-site Scripting (XSS) - Stored in pimcore/data-hub
https://notcve.org/view.php?id=CVE-2022-0955
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub pimcore/data-hub versiones anteriores a 1.2.4 • https://github.com/pimcore/data-hub/commit/15d5b57af2466eebd3bbc531ead5dafa35d0a36e https://huntr.dev/bounties/708971a6-1e6c-4c51-a411-255caeba51df • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •