CVE-2025-5206
- EPSS 0.07%
- Veröffentlicht 26.05.2025 21:31:04
- Zuletzt bearbeitet 05.06.2025 14:14:49
A vulnerability classified as critical was found in Pixelimity 1.0. Affected by this vulnerability is an unknown functionality of the file /install/index.php of the component Installation. The manipulation of the argument site_description leads to sq...
CVE-2022-28589
- EPSS 0.24%
- Veröffentlicht 03.05.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 06:57:33
A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=add_new
CVE-2022-28590
- EPSS 39.32%
- Veröffentlicht 03.05.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 06:57:33
A Remote Code Execution (RCE) vulnerability exists in Pixelimity 1.0 via admin/admin-ajax.php?action=install_theme.
CVE-2021-42866
- EPSS 0.24%
- Veröffentlicht 31.03.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 06:28:14
A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php
CVE-2021-29056
- EPSS 0.2%
- Veröffentlicht 17.08.2021 18:15:07
- Zuletzt bearbeitet 21.11.2024 06:00:36
Cross Site Scripting (XSS) vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php.
CVE-2020-23522
- EPSS 0.19%
- Veröffentlicht 19.01.2021 13:15:11
- Zuletzt bearbeitet 21.11.2024 05:13:50
Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.
CVE-2018-19919
- EPSS 0.24%
- Veröffentlicht 06.12.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:58:48
Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[title] parameter, as demonstrated by a crafted onload attribute of an SVG element.