CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24980 – User enumeration in pimcore/admin-ui-classic-bundle
https://notcve.org/view.php?id=CVE-2025-24980
07 Feb 2025 — pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version 1.7.4 and all users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-vr5f-php7-rg24 • CWE-204: Observable Response Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41109 – Pimcore vulnerable to disclosure of system and database information behind /admin firewall
https://notcve.org/view.php?id=CVE-2024-41109
30 Jul 2024 — Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Navigating to `/admin/index/statistics` with a logged in Pimcore user exposes information about the Pimcore installation, PHP version, MYSQL version, installed bundles and all database tables and their row count in the system. This vulnerability is fixed in 1.5.2, 1.4.6, and 1.3.10. • https://github.com/pimcore/admin-ui-classic-bundle/blob/1.x/src/Controller/Admin/IndexController.php#L125C24-L125C40 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25625 – Pimcore Host Header Injection in user invitation link
https://notcve.org/view.php?id=CVE-2024-25625
19 Feb 2024 — Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. A potential security vulnerability has been discovered in `pimcore/admin-ui-classic-bundle` prior to version 1.3.4. The vulnerability involves a Host Header Injection in the `invitationLinkAction` function of the UserController, specifically in the way `$loginUrl` trusts user input. The host header from incoming HTTP requests is used unsafely when generating URLs. An attacker can manipulate the HTTP host header in requests to the /admin/user/... • https://github.com/pimcore/admin-ui-classic-bundle/commit/b9fee9d383fc73dbd5e1d98dbb0ff3266d6b5a82 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24822 – Pimcore Admin Classic Bundle permissions are not getting checked when working with tags
https://notcve.org/view.php?id=CVE-2024-24822
07 Feb 2024 — Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, delete etc. tags without having the permission to do so. A fix is available in version 1.3.3. As a workaround, one may apply the patch manually. El paquete Admin Classic de Pimcore proporciona una interfaz de usuario backend para Pimcore. • https://github.com/pimcore/admin-ui-classic-bundle/commit/24660b6d5ad9cbcb037a48d4309a6024e9adf251 • CWE-862: Missing Authorization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-23646 – Pimcore Admin Classic Bundle SQL Injection in Admin download files as zip
https://notcve.org/view.php?id=CVE-2024-23646
24 Jan 2024 — Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The application allows users to create zip files from available files on the site. In the 1.x branch prior to version 1.3.2, parameter `selectedIds` is susceptible to SQL Injection. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. Version 1.3.2 contains a fix for this issue. • https://github.com/pimcore/admin-ui-classic-bundle/blob/1.x/src/Controller/Admin/Asset/AssetController.php#L2006 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-23648 – Pimcore Admin Classic Bundle host header injection in the password reset
https://notcve.org/view.php?id=CVE-2024-23648
24 Jan 2024 — Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The password reset functionality sends to the the user requesting a password change an email containing an URL to reset its password. The URL sent contains a unique token, valid during 24 hours, allowing the user to reset its password. This token is highly sensitive ; as an attacker able to retrieve it would be able to resets the user's password. Prior to version 1.2.3, the reset-password URL is crafted using the "Host" HTTP heade... • https://github.com/pimcore/admin-ui-classic-bundle/commit/70f2205b5a5ea9584721d4f3e803f4d0dd5e4655 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49075 – Pimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls
https://notcve.org/view.php?id=CVE-2023-49075
28 Nov 2023 — The Admin Classic Bundle provides a Backend UI for Pimcore. `AdminBundle\Security\PimcoreUserTwoFactorCondition` introduced in v11 disable the two factor authentication for all non-admin security firewalls. An authenticated user can access the system without having to provide the two factor credentials. This issue has been patched in version 1.2.2. El paquete Admin Classic proporciona una interfaz de usuario backend para Pimcore. • https://github.com/pimcore/admin-ui-classic-bundle/commit/e412b0597830ae564a604e2579eb40e76f7f0628 • CWE-308: Use of Single-factor Authentication •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47636 – Full Path Disclosure via re-export document in pimcore/admin-ui-classic-bundle
https://notcve.org/view.php?id=CVE-2023-47636
15 Nov 2023 — The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection) query to view the page source, require the attacker to have the full path to the file they wish to view. In the case of pimcore, the fopen() function here doesn't have an error handle when the file doesn't exist on the server so the s... • https://github.com/pimcore/admin-ui-classic-bundle/commit/10d178ef771097604a256c1192b098af9ec57a87 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46722 – Pimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews
https://notcve.org/view.php?id=CVE-2023-46722
31 Oct 2023 — The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Users should upgrade to version 1.2.0 to receive a patch or, as a workaround, apply the patch manually. El paquete Pimcore Admin Classic proporciona una interfaz de usuario de backend para Pimcore. Antes de la versión ... • https://github.com/pimcore/admin-ui-classic-bundle/commit/19fda2e86557c2ed4978316104de5ccdaa66d8b9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5844 – Unverified Password Change in pimcore/admin-ui-classic-bundle
https://notcve.org/view.php?id=CVE-2023-5844
30 Oct 2023 — Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. Cambio de contraseña no verificado en el repositorio de GitHub pimcore/admin-ui-classic-bundle anterior a 1.2.0. • https://github.com/pimcore/admin-ui-classic-bundle/commit/498ac77e54541177be27b0c710e387c47b3836ea • CWE-287: Improper Authentication CWE-620: Unverified Password Change •