CVE-2021-31869

Summary

Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product.

Affected Software

VendorProductVersion RangeStatus
PimcorePimcore AdminBundle6.8.0 <= 6.8.0affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References