Search Results | AttackerKB

Show filters

Topics 144 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

144 Total Results

Displaying 51-60 of 144

Attacker Value

Unknown

CVE-2023-30848

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-2343

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-2342

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-2341

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-2340

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-2339

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-2338

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-2336

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Path Traversal in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-2328

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-2327

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21.

Attack Vector: Network Privileges: Low User Interaction: Required

0