Pimcore Admin-ui-classic-bundle
12 CVEs affecting Pimcore Admin-ui-classic-bundle. Latest disclosed: 2025-04-08. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-23646 | High | 8.8 | 2024-01-24 | Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The application allows users to create zip files from available files on the site… |
CVE-2024-23648 | High | 8.8 | 2024-01-24 | Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The password reset functionality sends to the the user requesting a password chan… |
CVE-2023-49075 | High | 8.5 | 2023-11-28 | The Admin Classic Bundle provides a Backend UI for Pimcore. `AdminBundle\Security\PimcoreUserTwoFactorCondition` introduced in v11 disable the two factor authe… |
CVE-2024-25625 | High | 8.1 | 2024-02-19 | Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. A potential security vulnerability has been discovered in `pimcore/admin-ui-classic-bundle` p… |
CVE-2024-24822 | Medium | 6.5 | 2024-02-07 | Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, delete etc. tags without having t… |
CVE-2024-41109 | Medium | 6.3 | 2024-07-30 | Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Navigating to `/admin/index/statistics` with a logged in Pimcore user exposes inf… |
CVE-2023-46722 | Medium | 6.1 | 2023-10-31 | The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerability has the potential to steal a u… |
CVE-2023-42817 | Medium | 5.4 | 2023-09-25 | Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The translation value with text including “%s” (from “%suggest%) is parsed by sprintf() even… |
CVE-2023-47636 | Medium | 5.3 | 2023-11-15 | The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webro… |
CVE-2023-37280 | Medium | 5.0 | 2023-07-11 | Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. An admin who has not setup two factor authentication before is vul… |
CVE-2025-30166 | | 2025-04-08 | Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject… | |
CVE-2025-24980 | | 2025-02-07 | pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumerat… |