CVE-2025-52367

Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field...

CVE-2025-52367

Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field...

CVE-2025-52367

Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field...

EUVD-2025-30753

Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field...

PT-2025-38986

Name of the Vulnerable Software and Affected Versions PivotX CMS version 3.0.0 RC 3 Description A Cross Site Scripting issue exists in PivotX CMS version 3.0.0 RC 3. This allows a remote attacker to execute arbitrary code through the subtitle field. Recommendations At the moment, there is no...

CVE-2025-52367

PivotX CMS 3.0.0 RC3 is affected by a Cross Site Scripting vulnerability in the title and subtitle fields that can lead to Remote Code Execution. The root cause, per exploit reports, is unsanitized data stored during page creation via PHP serialize in modules/pages_flat.php, with the vulnerabilit...

PivotX CMS has multiple vulnerabilities

PivotX CMS is an open source blog content management system Blog CMS. Cross-site scripting, directory traversal, and remote command execution vulnerabilities exist in PivotX CMS version 2.3.11. An attacker can use the vulnerabilities to steal cookie-based authentication, execute arbitrary command...

PivotX 2.3.11 Shell Upload

Security Advisory - Curesec Research Team 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to public: 03/15/2016 Releas...

PivotX CMS 2.3.10 Cross Site Request Forgery / Cross Site Scripting

" " " " "...