Lucene search
+L

156 matches found

seebug.org
seebug.org
added 2016/04/06 12:0 a.m.15 views

PivotX 2.3.11 - Directory Traversal

No description provided by source...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/03/18 12:0 a.m.41 views

PivotX 2.3.11 Shell Upload

Security Advisory - Curesec Research Team 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to public: 03/15/2016 Releas...

Exploits0
Packet Storm
Packet Storm
added 2016/03/18 12:0 a.m.37 views

PivotX 2.3.11 Directory Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to public: 03/15/2016...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2016/03/18 12:0 a.m.35 views

PivotX 2.3.11 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Reflected XSS Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to public: 03/15/2016 Release...

Exploits0
0day.today
0day.today
added 2016/03/17 12:0 a.m.26 views

PivotX 2.3.11 - Directory Traversal

Exploit for php platform in category web applications 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to public:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2016/03/17 12:0 a.m.26 views

PivotX 2.3.11 - Directory Traversal

PivotX 2.3.11 - Directory Traversal Security Advisory - Curesec Research Team 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor: 01/20/20...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2016/03/17 12:0 a.m.32 views

PivotX 2.3.11 - Directory Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to public: 03/15/2016...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/02/11 12:0 a.m.27 views

PivotX CMS 2.3.10 Cross Site Request Forgery / Cross Site Scripting

" " " " "...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.17 views

FreeBSD : pivotx -- XSS (XSS) vulnerability (14d846d6-27b3-11e5-a15a-50af736ef1c0)

pivotx reports : cross-site scripting XSS vulnerability in the nickname and possibly the email field. Mitigated by the fact that an attacker must have a PivotX account. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

3.5CVSS5.3AI score0.01909EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.28 views

FreeBSD : pivotx -- Multiple unrestricted file upload vulnerabilities (7313b0e3-27b4-11e5-a15a-50af736ef1c0)

Pivotx reports : Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a 1 .php or 2 .php extension, and then accessing it via unspecified vectors. %NASLMINLEVEL 70300 C...

3.5CVSS5.7AI score0.01909EPSS
Exploits2References2
CNVD
CNVD
added 2015/07/10 12:0 a.m.5 views

Pivotx Session Fixation Vulnerability

Pivotx is an open source blog content management system Blog CMS. The system supports built-in comment review, spam protection and template replacement. A session fixation vulnerability exists in the fileupload.php file in Pivotx versions prior to 2.3.11. A remote attacker can exploit this...

6.8CVSS6.9AI score0.02474EPSS
Exploits1References1
CNVD
CNVD
added 2015/07/10 12:0 a.m.6 views

Pivotx Cross-Site Scripting Vulnerability

Pivotx is an open source blog content management system Blog CMS. The system supports built-in comment review, spam protection and template replacement. A cross-site scripting vulnerability exists in the 'form' method in the modules/formclass.php script in versions prior to Pivotx 2.3.11. A remot...

4.3CVSS6AI score0.02075EPSS
Exploits1References1
CNVD
CNVD
added 2015/07/10 12:0 a.m.7 views

Pivotx Arbitrary Code Execution Vulnerability

Pivotx is an open source blog content management system Blog CMS. The system supports built-in comment review, spam protection and template replacement. A security vulnerability exists in Pivotx versions prior to 2.3.11, which stems from the program failing to validate a new file extension when...

7.5CVSS7.8AI score0.04681EPSS
Exploits1References1
NVD
NVD
added 2015/07/08 3:59 p.m.14 views

CVE-2015-5458

Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter...

6.8CVSS6.7AI score0.02474EPSS
Exploits1References6
NVD
NVD
added 2015/07/08 3:59 p.m.13 views

CVE-2015-5457

PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php...

7.5CVSS7.7AI score0.04681EPSS
Exploits1References6
NVD
NVD
added 2015/07/08 3:59 p.m.25 views

CVE-2015-5456

Cross-site scripting XSS vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO, related to the "PHPSELF" variable and form actions...

4.3CVSS5.7AI score0.02075EPSS
Exploits1References6
Prion
Prion
added 2015/07/08 3:59 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO, related to the "PHPSELF" variable and form actions...

4.3CVSS6.2AI score0.02075EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2015/07/08 3:59 p.m.16 views

Design/Logic Flaw

PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php...

7.5CVSS8.2AI score0.04681EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2015/07/08 3:59 p.m.22 views

Session fixation

Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter...

6.8CVSS7.2AI score0.02474EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2015/07/08 3:0 p.m.18 views

CVE-2015-5458

Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter...

6.7AI score0.02474EPSS
Exploits1References6
Rows per page
Query Builder