CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 4CVE-2018-14058 – Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2018-14058
Pimcore before 5.3.0 allows SQL Injection via the REST web service API. Pimcore en versiones anteriores a la 5.3.0 permite la inyección SQL mediante la API REST de servicio web. Pimcore versions 5.2.3 and below suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. • https://www.exploit-db.com/exploits/45208 http://packetstormsecurity.com/files/148954/Pimcore-5.2.3-CSRF-Cross-Site-Scripting-SQL-Injection.html http://seclists.org/fulldisclosure/2018/Aug/13 https://www.sec-consult.com/en/blog/advisories/sql-injection-xss-csrf-vulnerabilities-in-pimcore-software • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 4CVE-2018-14059 – Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2018-14059
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions. Pimcore permite Cross-Site Scripting (XSS) mediante las funciones Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value y Static Routes. Pimcore versions 5.2.3 and below suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. • https://www.exploit-db.com/exploits/45208 http://packetstormsecurity.com/files/148954/Pimcore-5.2.3-CSRF-Cross-Site-Scripting-SQL-Injection.html http://seclists.org/fulldisclosure/2018/Aug/13 https://www.sec-consult.com/en/blog/advisories/sql-injection-xss-csrf-vulnerabilities-in-pimcore-software • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-4426 – Pimcore CMS Build 3450 SQL Injection
https://notcve.org/view.php?id=CVE-2015-4426
SQL injection vulnerability in pimcore before build 3473 allows remote attackers to execute arbitrary SQL commands via the filter parameter to admin/asset/grid-proxy. Vulnerabilidad de inyección SQL en pimcore en versiones anteriores a build 3473, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro filter a admin/asset/grid-proxy. Pimcore CMS build 3450 suffers from a remote SQL injection vulnerability. • http://seclists.org/fulldisclosure/2015/Jul/58 http://www.securityfocus.com/bid/75724 https://github.com/pimcore/pimcore/commit/1c6692e8287deed7f3356b6a1e2e9b7fe4e858dd https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-4426 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.9EPSS: 3%CPEs: 1EXPL: 2CVE-2015-4425 – Pimcore CMS Build 3450 - Directory Traversal
https://notcve.org/view.php?id=CVE-2015-4425
Directory traversal vulnerability in pimcore before build 3473 allows remote authenticated users with the "assets" permission to create or write to arbitrary files via a .. (dot dot) in the dir parameter to admin/asset/add-asset-compatibility. Vulnerabilidad de salto de directorio en pimcore en versiones anteriores a build 3473, permite a usuarios remotos autenticados con el permiso 'assets' crear o escribir archivos arbitrarios a través de un .. (punto punto) en el parámetro dir a admin/asset/add-asset-compatibility. • https://www.exploit-db.com/exploits/37609 http://seclists.org/fulldisclosure/2015/Jul/57 https://github.com/pimcore/pimcore/commit/4f2a95f877d406a054f9f2253475fe58c76aa03d https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-4425 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 6%CPEs: 4EXPL: 2CVE-2014-2921 – Pimcore CMS 1.4.9 <2.1.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-2921
The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via vectors involving a Zend_Pdf_ElementFactory_Proxy object and a pathname with a trailing \0 character. La función getObjectByToken en Newsletter.php en el módulo Pimcore_Tool_Newsletter en pimcore 1.4.9 hasta 2.0.0 no maneja debidamente un objeto obtenido deserializando dotas de búsqueda Lucene, lo que permite a atacantes remotos realizar ataques de inyección de objetos PHP y ejecutar código arbitrario a través de vectores involucrando un objeto Zend_Pdf_ElementFactory_Proxy y un nombre de ruta con un caracter \0 final. • https://www.exploit-db.com/exploits/43886 http://openwall.com/lists/oss-security/2014/04/21/1 http://www.pimcore.org/en/resources/blog/pimcore+2.2+released_b442 https://github.com/pedrib/PoC/blob/master/pimcore-2.1.0.txt • CWE-94: Improper Control of Generation of Code ('Code Injection') •