CVE-2012-2274
- EPSS 3.26%
- Veröffentlicht 13.08.2012 23:55:00
- Zuletzt bearbeitet 16.06.2026 23:41:16
Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in PivotX 2.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter.
CVE-2011-1035
- EPSS 4.02%
- Veröffentlicht 19.02.2011 01:00:03
- Zuletzt bearbeitet 16.06.2026 23:28:35
The password reset in PivotX before 2.2.4 allows remote attackers to modify the passwords of arbitrary users via unspecified vectors.
CVE-2011-0772
- EPSS 2.52%
- Veröffentlicht 04.02.2011 01:00:10
- Zuletzt bearbeitet 16.06.2026 23:28:02
Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to ...
CVE-2011-0773
- EPSS 2.36%
- Veröffentlicht 04.02.2011 01:00:10
- Zuletzt bearbeitet 16.06.2026 23:28:02
Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
- EPSS 1.35%
- Veröffentlicht 04.02.2011 01:00:10
- Zuletzt bearbeitet 16.06.2026 23:28:02
PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an error message.
- EPSS 1.24%
- Veröffentlicht 04.02.2011 01:00:10
- Zuletzt bearbeitet 16.06.2026 23:28:02
pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attackers to obtain sensitive information via a non-existent file in the image parameter, which reveals the installation path in an error message. NOTE: the provenance of this information...