Atrocore

atrocore

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-0696 1Atrocore 1Atropim Nov 21, 2024 Jan 18, 2024 N/A· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability, which was classified as problematic, was found in AtroCore AtroPIM 1.8.4. This affects an unknown part of the file /#ProductSerie/view/ of the component Product Series Overview. The manipulation leads to...Show more A vulnerability, which was classified as problematic, was found in AtroCore AtroPIM 1.8.4. This affects an unknown part of the file /#ProductSerie/view/ of the component Product Series Overview. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251481 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-26969 1Atrocore 1Atropim Feb 7, 2025 Apr 14, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Atropim 1.5.26 is vulnerable to Directory Traversal.
CVE-2023-26968 1Atrocore 1Atrocore Jun 17, 2026 Mar 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In Atrocore 1.5.25, the Create Import Feed option with glyphicon-glyphicon-paperclip function is vulnerable to Unauthenticated File upload.