Back to directory

WRITEUP #1181

Pimcore: One click, two security vulnerabilities

SQL InjectionPath traversalArbitrary file writeRCESecurity code review

by@YNizry(Yaniv Nizry)

Program

Pimcore

Published

May 15, 2023

Added to HackDex

May 18, 2023

Read Full Writeuphttps://www.sonarsource.com/blog/pimcore-one-click-two-security-vulnerabilities/

▸ RELATED WRITEUPS

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

Exploiting authorization by nonce in WordPress plugins

RCEArbitrary file upload

Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)

RCEPath traversal

Studying 0days: How we hacked Anki, the world's most popular flashcard app

RCEComponents with known vulnerabilities

We hacked Anki - 0 day exploit from studying someone elses flashcards

RCEComponents with known vulnerabilities

Built with ❤️ by Shubham Rawat