📦 Admin Classic Bundle
by Pimcore
🔍 What is Admin Classic Bundle?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This CVE describes a Host Header Injection vulnerability in Pimcore's Admin Classic Bundle that allows attackers to manipulate invitation email links. By sending crafted HTTP requests with malicious h...
This vulnerability in Pimcore's Admin Classic Bundle allows attackers to perform account takeover by manipulating password reset emails. Attackers can send password reset requests with a malicious Hos...
This vulnerability in Pimcore's Admin Classic Bundle disables two-factor authentication for non-admin security firewalls, allowing authenticated users to bypass 2FA requirements. It affects systems us...
This vulnerability allows unauthenticated attackers to change passwords for any user account in Pimcore's admin-ui-classic-bundle without verification. It affects all installations using versions prio...
This vulnerability allows authenticated backend users without proper permissions to access the complete list of Predefined Properties configurations in Pimcore's Admin Classic Bundle. It affects organ...
This vulnerability in pimcore/admin-ui-classic-bundle allows attackers to enumerate valid user accounts via the 'Forgot password' function due to improper error messages. Attackers can determine which...
This vulnerability in Pimcore's Admin Classic Bundle exposes sensitive system information to authenticated users. By accessing the /admin/index/statistics endpoint, attackers can obtain details about ...