Pimcore Admin Classic Bundle - for Pimcore
Approved changes feed: RSS · Atom
cpe:2.3:a:pimcore:admin_classic_bundle:-:*:*:*:*:pimcore:*:*
part: a version: - update: *
| Vendor | Pimcore (115a8b86-56a6-5ce9-b491-b05cfe687e20) |
|---|---|
| Product | Admin Classic Bundle (cda90168-c100-5aa1-b867-54645c164c36) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | pimcore |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/okio |
purl2cpe | 2026-06-01 10:15:13.638091 |
pkg:deb/ubuntu/okio |
purl2cpe | 2026-06-01 10:15:13.638093 |
pkg:github/square/okio |
purl2cpe | 2026-06-01 10:15:13.638094 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-41109 |
vulnerable | 2026-06-03 14:56:34.013165 |
Pimcore vulnerable to disclosure of system and database information behind /admin firewall
MEDIUM (6.3)
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Navigating to `/admin/index/statistics` with a logged in Pimcore user exposes information about the Pimcore installation, PHP version, MYSQL version, installed bundles and all database tables and their row count in the system. This vulnerability is fixed in 1.5.2, 1.4.6, and 1.3.10.
Published: 2024-07-30T14:43:14.407Z
Updated: 2024-08-02T04:46:52.472Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.