PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension.
Max CVSS
8.8
EPSS Score
0.38%
Published
2017-04-07
Updated
2017-04-13
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.
Max CVSS
8.8
EPSS Score
0.26%
Published
2017-05-31
Updated
2017-06-08
The password reset in PivotX before 2.2.4 allows remote attackers to modify the passwords of arbitrary users via unspecified vectors.
Max CVSS
7.5
EPSS Score
2.02%
Published
2011-02-19
Updated
2017-08-17
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.78%
Published
2014-04-15
Updated
2014-04-15
PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php.
Max CVSS
7.5
EPSS Score
4.36%
Published
2015-07-08
Updated
2018-10-09
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
Max CVSS
7.2
EPSS Score
0.10%
Published
2017-10-02
Updated
2017-10-06
Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter.
Max CVSS
6.8
EPSS Score
2.53%
Published
2015-07-08
Updated
2018-10-09
The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.
Max CVSS
6.1
EPSS Score
0.08%
Published
2017-06-06
Updated
2017-06-14
PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an error message.
Max CVSS
5.0
EPSS Score
0.36%
Published
2011-02-04
Updated
2011-02-22
pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attackers to obtain sensitive information via a non-existent file in the image parameter, which reveals the installation path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
5.0
EPSS Score
0.38%
Published
2011-02-04
Updated
2017-08-17
Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to includes/timwrapper.php.
Max CVSS
4.3
EPSS Score
1.86%
Published
2011-02-04
Updated
2018-10-09
Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
Max CVSS
4.3
EPSS Score
2.66%
Published
2011-02-04
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in PivotX 2.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter.
Max CVSS
4.3
EPSS Score
0.30%
Published
2012-08-13
Updated
2012-09-29
Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the "PHP_SELF" variable and form actions.
Max CVSS
4.3
EPSS Score
0.41%
Published
2015-07-08
Updated
2018-10-09
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl.
Max CVSS
3.5
EPSS Score
0.17%
Published
2014-04-15
Updated
2015-07-24
15 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!