Home/Product/pimcore admin classic bundle
Product

pimcore admin classic bundle

14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-23495
< 1.7.16
Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. Prior to 2.2.3 and 1.7.16, the API endpoint for listing Predefin
4.3MEDIUM
 CVE-2025-30166
< 1.7.6
Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email se
4.8MEDIUM
 CVE-2025-24980
< 1.7.4.1
pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accoun
5.3MEDIUM
 CVE-2024-41109
< 1.3.10
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Navigating to /admin/index/statistics with a logge
6.3MEDIUM
 CVE-2024-25625
< 1.3.4
Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. A potential security vulnerability has been discovered in `pimco
8.1HIGH
 CVE-2024-24822
< 1.3.3
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, dele
6.5MEDIUM
 CVE-2024-23646
>= 1.0.0 and < 1.3.2
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The application allows users to create zip files fro
8.8HIGH
 CVE-2024-23648
< 1.2.3
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The password reset functionality sends to the us
8.8HIGH
 CVE-2023-49075
< 1.2.2
The Admin Classic Bundle provides a Backend UI for Pimcore. AdminBundle\Security\PimcoreUserTwoFactorCondition introduced in v11
8.4HIGH
 CVE-2023-47636
< 1.2.1
The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure (FPD) vulnerabilities enable the attacker
5.3MEDIUM
 CVE-2023-46722
< 1.2.0
The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability h
6.1MEDIUM
 CVE-2023-5844
<= 1.1.4
Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.
7.2HIGH
 CVE-2023-42817
< 1.1.2
Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The translation value with text including “%s” (from “%su
5.4MEDIUM
 CVE-2023-37280
< 1.0.3
Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. An admin who has not setup two factor
5.0MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin