| CVE-2017-9332 |
|
Medium |
Jun 06, 2017 |
The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty
more...
The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.
less...
|
2.3.11
|
| CVE-2017-8402 |
|
High |
May 31, 2017 |
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.
less...
|
2.3.11
|
| CVE-2017-7570 |
|
High |
Apr 07, 2017 |
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg
more...
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension.
less...
|
2.3.11
|
| CVE-2017-14958 |
|
High |
Oct 02, 2017 |
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload o
more...
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
less...
|
2.3.11
|
| BDSA-2016-0755 |
|
High |
Nov 15, 2017 |
PivotX is a tool to create weblogs without the need of a database. It contains a vulnerability within the file upload functionality where there exists
more...
PivotX is a tool to create weblogs without the need of a database. It contains a vulnerability within the file upload functionality where there exists a check for malicious file extensions when uploading a file however, if a file is renamed there is no check in place for the extension type. This could allow an attacker to upload a shell and perform remote code execution. A high level user account such as an advanced user, admin or superadmin privileges is needed to exploit this vulnerability.
The open source project is no longer being supported by the vendor since the last release. (21/06/2015)
less...
|
|
| BDSA-2016-0753 |
|
High |
Nov 16, 2017 |
PivotX is a tool to create weblogs without the need of a database. It contains a blind SQL injection vulnerability within the `index.php` file in the v
more...
PivotX is a tool to create weblogs without the need of a database. It contains a blind SQL injection vulnerability within the `index.php` file in the vulnerable parameter `del` due to the failure of proper input validation. An attacker is able to gain sensitive information and compromise the database. An attacker must be authenticated as an administrator to exploit this vulnerability.
The open source project is no longer being supported by the vendor since the last release. (21/06/2015)
less...
|
|
| BDSA-2016-0750 |
|
Critical |
Nov 16, 2017 |
PivotX is a tool to create weblogs without the need of a database. It contains a cross-site scripting (*XSS*) vulnerability due to improperly validati
more...
PivotX is a tool to create weblogs without the need of a database. It contains a cross-site scripting (*XSS*) vulnerability due to improperly validating user-supplied data. An attacker can exploit this to include script code within the URL to steal the victim's session cookies and craft other attacks. The vulnerable parameter is `additionalpath`. The victim must click the attacker's crafted link or webpage to succeed in exploitation.
The open source project is no longer being supported by the vendor since the last release. (21/06/2015)
less...
|
|
| BDSA-2016-0745 |
|
Critical |
Nov 24, 2017 |
PivotX is a tool to create weblogs without the need of a database. It contains a cross-site request forgery (*CSRF*) and multiple cross-site scripting
more...
PivotX is a tool to create weblogs without the need of a database. It contains a cross-site request forgery (*CSRF*) and multiple cross-site scripting (*XSS*) vulnerabilities within the file `render.php` due to improper validation on user-supplied data and security checks. An attacker can craft a malicious request which the application will believe has been sent knowingly by a victim which includes script code within the URL to steal the victim's session cookies and craft other attacks. The victim must click the attacker's crafted link or webpage to succeed in exploitation. The vulnerable parameters are `title`, `subtitle`, `introduction`, `body` and `author`.
The open source project is no longer being supported by the vendor since the last release. (21/06/2015)
less...
|
|
| BDSA-2016-0740 |
|
Medium |
Oct 27, 2017 |
PivotX CMS is a tool to create weblogs without the need of a database. It contains a relative path traversal vulnerability that allows admins and super
more...
PivotX CMS is a tool to create weblogs without the need of a database. It contains a relative path traversal vulnerability that allows admins and super admins to read and delete files outside of the Pivotx directory. The function `cleanPath` is responsible for sanitizing path names however an attacker is able to bypass this and traverse through directories. The vulnerable parameter `file` allows an attacker to read any file and the vulnerable parameter `del` allows an attacker to delete any file which can lead to denial of service (*DoS*) attack.
Note: The open source project is no longer being supported by the vendor since the last release. (21/06/2015)
less...
|
|