CVE-2026-5394 | Pimcore 12.3.3 DataObject sql injection

Inserito da Angelo Barbosa | Apr 27, 2026 | CVE

A vulnerability was found in Pimcore 12.3.3. It has been rated as critical. Affected by this issue is the function DataObject. Performing a manipulation results in sql injection.

This vulnerability is reported as CVE-2026-5394. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-5394 | Pimcore 12.3.3 DataObject sql injection

Post correlati

CVE-2024-27238 | Zoom Workplace Desktop App/Rooms App/Meeting SDK on Windows race condition (ZSB-24021)

CVE-2023-48378 | Softnext Mail SQR Expert up to 230330 URL path traversal

CVE-2024-4627 | Rank Math SEO Plugin up to 1.0.218 on WordPress Setting cross site scripting

CVE-2024-30299 | Adobe Framemaker Publishing Server up to 2020.3/2022.2 improper authentication (apsb24-38)