Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pivotx pivotx vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-9332
The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.
Pivotx Pivotx 2.3.11
8.8
CVSSv3
CVE-2017-8402
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.
Pivotx Pivotx 2.3.11
NA
CVE-2011-0774
PivotX prior to 2.2.2 allows remote malicious users to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an error message.
Pivotx Pivotx 2.2.2
NA
CVE-2011-0775
pivotx/modules/module_image.php in PivotX 2.2.2 allows remote malicious users to obtain sensitive information via a non-existent file in the image parameter, which reveals the installation path in an error message. NOTE: the provenance of this information is unknown; the details ...
Pivotx Pivotx 2.2.2
7.2
CVSSv3
CVE-2017-14958
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
Pivotx Pivotx 2.3.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2