CVE-2024-23646
Summary
| CVE | CVE-2024-23646 |
| State | PUBLISHED |
| Assigner | Unknown |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2024-01-24 20:15:00 UTC |
| Updated | 2024-01-31 21:10:00 UTC |
| Description | Description unavailable. |
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| SQL Injection in Admin download files as zip · Advisory · pimcore/admin-ui-classic-bundle · GitHub |
|
github.com |
|
| admin-ui-classic-bundle/src/Controller/Admin/Asset/AssetController.php at 1.x · pimcore/admin-ui-classic-bundle · GitHub |
|
github.com |
|
| Release 1.3.2 · pimcore/admin-ui-classic-bundle · GitHub |
|
github.com |
|
| fix: add quote for ids processed in downloadAsZipAddFilesAction metho… · pimcore/admin-ui-classic-bundle@363afef · GitHub |
|
github.com |
|
| admin-ui-classic-bundle/src/Controller/Admin/Asset/AssetController.php at 1.x · pimcore/admin-ui-classic-bundle · GitHub |
|
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 996865 PHP (Composer) Security Update for pimcore/admin-ui-classic-bundle (GHSA-cwx6-4wmf-c6xv)