156 matches found
CVE-2011-0774
PivotX before 2.2.2 has an information-disclosure vulnerability: direct requests to includes/ping.php and includes/spamping.php reveal the installation path in an error message. Affected: PivotX (version prior to 2.2.2). Root cause: error messaging exposes installation path, enabling partial conf...
CVE-2011-0775
PivotX 2.2.2 is affected by a vulnerability in pivotx/modules/module_image.php where an invalid image parameter triggers an error message that reveals the installation path, enabling information disclosure. The root cause is an error message disclosure when the image parameter references a non-ex...
CVE-2011-0772
PivotX is affected by CVE-2011-0772: multiple XSS vulnerabilities in PivotX 2.2.0 and possibly earlier versions before 2.2.2. The root cause is insufficient input sanitization in two parameters: color in includes/blogroll.php and src in includes/timwrapper.php, allowing remote attackers to inject...
PivotX 'module_image.php' Cross Site Scripting Vulnerability
PivotX is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
PivotX 2.2 - pivotxincludesblogroll.php?color Cross-Site Scripting
PivotX 2.2 - pivotxincludesblogroll.php?color Cross-Site Scripting source: https://www.securityfocus.com/bid/45996/info PivotX is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
PivotX 2.2.2 - module_image.php Cross-Site Scripting
PivotX 2.2.2 - moduleimage.php Cross-Site Scripting source: https://www.securityfocus.com/bid/45983/info PivotX is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in th...
HTB22789: Path disclousure in Pivotx
Vulnerability ID: HTB22789 Reference: http://www.htbridge.ch/advisory/pathdisclousureinpivotx.html Product: Pivotx Vendor: Pivotx Team http://pivotx.net/ Vulnerable Version: 2.2.0 Vendor Notification: 11 January 2011 Vulnerability Type: Path disclosure Status: Awaiting Vendor Solution Risk level:...
PivotX 2.2.2 Cross Site Scripting
------------------------------------------------------------------------ Software................PivotX 2.2.2 Vulnerability...........Reflected Cross-site Scripting Download................http://pivotx.net/ Release Date............1/23/2011 Tested On...............Windows Vista + XAMPP...
PivotX 2.2 - pivotxincludestimwrapper.php?src Cross-Site Scripting
PivotX 2.2 - pivotxincludestimwrapper.php?src Cross-Site Scripting source: https://www.securityfocus.com/bid/45996/info PivotX is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
HTB22788: XSS in Pivotx
Vulnerability ID: HTB22788 Reference: http://www.htbridge.ch/advisory/xssinpivotx.html Product: Pivotx Vendor: Pivotx Team http://pivotx.net/ Vulnerable Version: 2.2.0 Vendor Notification: 11 January 2011 Vulnerability Type: XSS Cross Site Scripting Status: Awaiting Vendor Solution Risk level:...
HTB22790: XSS in Pivotx
Vulnerability ID: HTB22790 Reference: http://www.htbridge.ch/advisory/xssinpivotx1.html Product: Pivotx Vendor: Pivotx Team http://pivotx.net/ Vulnerable Version: 2.2.0 Vendor Notification: 11 January 2011 Vulnerability Type: XSS Cross Site Scripting Status: Awaiting Vendor Solution Risk level:...
Pivotx 2.2.0 Cross Site Scripting / Path Disclosure
================================== Vulnerability ID: HTB22788 Reference: http://www.htbridge.ch/advisory/xssinpivotx.html Product: Pivotx Vendor: Pivotx Team http://pivotx.net/ Vulnerable Version: 2.2.0 Vendor Notification: 11 January 2011 Vulnerability Type: XSS Cross Site Scripting Status:...
PivotX 2.2 - '/pivotx/includes/timwrapper.php?src' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45996/info PivotX is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
PivotX 2.2 - '/pivotx/includes/blogroll.php?color' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45996/info PivotX is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
PivotX 2.2.2 - 'module_image.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45983/info PivotX is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Multiple Vulnerabilities in Pivotx
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pivotx which could be exploited to perform cross-site scripting attacks and disclose potentially sensitive information. 1 Cross-site scripting XSS vulnerabilities in Pivotx: CVE-2011-0772 1.1 The vulnerability...