Search criteria
48 vulnerabilities found for pivotx by pivotx
FKIE_CVE-2025-52367
Vulnerability from fkie_nvd - Published: 2025-09-22 19:15 - Updated: 2025-10-24 14:45
Severity ?
Summary
Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:3.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D89FF03D-4F05-4285-9D2F-8AD4AEF753A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field."
}
],
"id": "CVE-2025-52367",
"lastModified": "2025-10-24T14:45:27.667",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-09-22T19:15:40.857",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://pivotx.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://medium.com/@hayton1088/cve-2025-52367-stored-xss-to-rce-via-privilege-escalation-in-pivotx-cms-v3-0-0-rc-3-a1b870bcb7b3"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://medium.com/@hayton1088/cve-2025-52367-stored-xss-to-rce-via-privilege-escalation-in-pivotx-cms-v3-0-0-rc-3-a1b870bcb7b3"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2017-14958
Vulnerability from fkie_nvd - Published: 2017-10-02 01:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://sourceforge.net/p/pivot-weblog/code/4490/ | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/pivot-weblog/code/4490/ | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3B3253-5D04-41EF-9ABF-2CE3551AF86D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file."
},
{
"lang": "es",
"value": "lib.php en PivotX 2.3.11 no bloquea correctamente las subidas de tipos de archivos peligrosos por parte de los usuarios administradores, lo que permite la ejecuci\u00f3n remota de c\u00f3digo PHP mediante la subida de un archivo .php."
}
],
"id": "CVE-2017-14958",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-02T01:29:00.470",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4490/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4490/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9332
Vulnerability from fkie_nvd - Published: 2017-06-06 14:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://sourceforge.net/p/pivot-weblog/code/4487/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/pivot-weblog/code/4487/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3B3253-5D04-41EF-9ABF-2CE3551AF86D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag."
},
{
"lang": "es",
"value": "La funci\u00f3n smarty_self en el archivo modules/module_smarty.php en PivotX versi\u00f3n 2.3.11, maneja inapropiadamente el URI, permitiendo una vulnerabilidad de XSS por medio de vectores que incluyan comillas en la etiqueta Smarty propia."
}
],
"id": "CVE-2017-9332",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-06T14:29:01.030",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4487/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4487/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-8402
Vulnerability from fkie_nvd - Published: 2017-05-31 04:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3B3253-5D04-41EF-9ABF-2CE3551AF86D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file."
},
{
"lang": "es",
"value": "PivotX versi\u00f3n 2.3.11, permite a los usuarios autenticados remotos ejecutar c\u00f3digo PHP arbitrario por medio de vectores que implican una carga de un archivo .htaccess."
}
],
"id": "CVE-2017-8402",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-31T04:29:00.177",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4489/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4489/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-7570
Vulnerability from fkie_nvd - Published: 2017-04-07 04:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3B3253-5D04-41EF-9ABF-2CE3551AF86D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension."
},
{
"lang": "es",
"value": "PivotX 2.3.11 permite a usuarios remotos Advanced autenticados ejecutar c\u00f3digo PHP arbitrario realizando una carga con una extensi\u00f3n de archivo segura (tal como .jpg) y luego invocando la funci\u00f3n duplicada para cambiar a la extensi\u00f3n .php."
}
],
"id": "CVE-2017-7570",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-07T04:59:00.160",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-5458
Vulnerability from fkie_nvd - Published: 2015-07-08 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD0A5F3-98FC-4569-B78D-DB4008301F82",
"versionEndIncluding": "2.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en fileupload.php en PivotX anterior a 2.3.11 permite a atacantes remotos secuestrar sesiones web a trav\u00e9s del par\u00e1metro sess."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/384.html\"\u003eCWE-384: Session Fixation\u003c/a\u003e",
"id": "CVE-2015-5458",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-08T15:59:11.380",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75577"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-5457
Vulnerability from fkie_nvd - Published: 2015-07-08 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD0A5F3-98FC-4569-B78D-DB4008301F82",
"versionEndIncluding": "2.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php."
},
{
"lang": "es",
"value": "PivotX anterior a 2.3.11 no valida la extensi\u00f3n de un fichero nuevo cuando renombra un fichero con m\u00faltiples extensiones, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante la subida de un fichero manipulado, tal y como fue demostrado mediante un fichero nombrado foo.php.php."
}
],
"id": "CVE-2015-5457",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-08T15:59:10.363",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75577"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-5456
Vulnerability from fkie_nvd - Published: 2015-07-08 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the "PHP_SELF" variable and form actions.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD0A5F3-98FC-4569-B78D-DB4008301F82",
"versionEndIncluding": "2.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the \"PHP_SELF\" variable and form actions."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en el m\u00e9todo Form en modules/formclass.php en PivotX anterior a 2.3.11 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de PATH_INFO, relacionado con la variable \u0027PHP_SELF\u0027 y acciones Form."
}
],
"id": "CVE-2015-5456",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-07-08T15:59:08.300",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75577"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-0342
Vulnerability from fkie_nvd - Published: 2014-04-15 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pivotx | pivotx | * | |
| pivotx | pivotx | 2.1.0 | |
| pivotx | pivotx | 2.1.1 | |
| pivotx | pivotx | 2.1.2 | |
| pivotx | pivotx | 2.2.0 | |
| pivotx | pivotx | 2.2.0 | |
| pivotx | pivotx | 2.2.0 | |
| pivotx | pivotx | 2.2.0 | |
| pivotx | pivotx | 2.2.1 | |
| pivotx | pivotx | 2.2.2 | |
| pivotx | pivotx | 2.2.3 | |
| pivotx | pivotx | 2.2.5 | |
| pivotx | pivotx | 2.3.0 | |
| pivotx | pivotx | 2.3.2 | |
| pivotx | pivotx | 2.3.3 | |
| pivotx | pivotx | 2.3.5 | |
| pivotx | pivotx | 2.3.6 | |
| pivotx | pivotx | 2.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E358420F-288B-4AD9-9FEC-1B5E6BCC9581",
"versionEndIncluding": "2.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3990C45-2F1A-4E97-80CD-1BF07A6DEE84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "847926C5-EC16-420B-993F-D0C6991DD0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "101512B3-9573-45F0-8E23-ECCFBC7BC981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB36519-001A-446F-B680-2DCBF4A7C4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "D09514E0-221A-4A8C-BE34-CCCEDFBE54C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "A43A812E-D866-45AB-92DF-A5617279FC10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "179DBEB0-22A0-46EA-9E48-BC3A79C1E37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF74C6E-E55E-4C01-B4C9-6BB60D57E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47F90583-61D3-42C2-9819-4AC507B1CC95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7925A020-5937-4C46-BAA9-06346E3F0A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F054EB0-C027-427C-B95E-A8C1B657D45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C195C336-C3AE-44FC-B711-201173E13A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5412F2-CF80-4082-A9D3-985CE8A1AB2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21685794-283D-4C6E-BC59-AA4769BEE5AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "33E97ECB-93F4-41C9-84F5-E59F9A5B249C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2BA04E-2C8B-46C8-AB95-BB62F1DC2404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A720BF-6AD1-479C-9264-012577F22EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de subida de archivos no restringida en fileupload.php en PivotX anterior a 2.3.9 permiten a usuarios remotos autenticados ejecutar c\u00f3digo PHP arbitrario mediante la subida de un archivo con una extensi\u00f3n (1) .php o (2) .php#, y despu\u00e9s acceder a ella a trav\u00e9s de vectores no especificados."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/434.html\n\n\"CWE-434: Unrestricted Upload of File with Dangerous Type\"",
"id": "CVE-2014-0342",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-15T10:55:11.900",
"references": [
{
"source": "cret@cert.org",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"source": "cret@cert.org",
"url": "http://pivotx.net/page/security"
},
{
"source": "cret@cert.org",
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://pivotx.net/page/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-0341
Vulnerability from fkie_nvd - Published: 2014-04-15 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pivotx | pivotx | * | |
| pivotx | pivotx | 2.1.0 | |
| pivotx | pivotx | 2.1.1 | |
| pivotx | pivotx | 2.1.2 | |
| pivotx | pivotx | 2.2.0 | |
| pivotx | pivotx | 2.2.0 | |
| pivotx | pivotx | 2.2.0 | |
| pivotx | pivotx | 2.2.0 | |
| pivotx | pivotx | 2.2.1 | |
| pivotx | pivotx | 2.2.2 | |
| pivotx | pivotx | 2.2.3 | |
| pivotx | pivotx | 2.2.5 | |
| pivotx | pivotx | 2.3.0 | |
| pivotx | pivotx | 2.3.2 | |
| pivotx | pivotx | 2.3.3 | |
| pivotx | pivotx | 2.3.5 | |
| pivotx | pivotx | 2.3.6 | |
| pivotx | pivotx | 2.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotx:pivotx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E358420F-288B-4AD9-9FEC-1B5E6BCC9581",
"versionEndIncluding": "2.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3990C45-2F1A-4E97-80CD-1BF07A6DEE84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "847926C5-EC16-420B-993F-D0C6991DD0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "101512B3-9573-45F0-8E23-ECCFBC7BC981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB36519-001A-446F-B680-2DCBF4A7C4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "D09514E0-221A-4A8C-BE34-CCCEDFBE54C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "A43A812E-D866-45AB-92DF-A5617279FC10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "179DBEB0-22A0-46EA-9E48-BC3A79C1E37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF74C6E-E55E-4C01-B4C9-6BB60D57E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47F90583-61D3-42C2-9819-4AC507B1CC95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7925A020-5937-4C46-BAA9-06346E3F0A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F054EB0-C027-427C-B95E-A8C1B657D45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C195C336-C3AE-44FC-B711-201173E13A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5412F2-CF80-4082-A9D3-985CE8A1AB2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21685794-283D-4C6E-BC59-AA4769BEE5AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "33E97ECB-93F4-41C9-84F5-E59F9A5B249C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2BA04E-2C8B-46C8-AB95-BB62F1DC2404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotx:pivotx:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A720BF-6AD1-479C-9264-012577F22EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en PivotX anterior a 2.3.9 permiten a usuarios remotos autenticados inyectar script Web o HTML arbitrarios a trav\u00e9s del campo title hacia (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl o (3) templates_internal/entries.tpl; (4) un campo event hacia objects.php; o el campo (5) email o (6) nickname hacia pages.php, relacionado con templates_internal/users.tpl."
}
],
"id": "CVE-2014-0341",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-04-15T10:55:11.870",
"references": [
{
"source": "cret@cert.org",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://pivotx.net/page/security"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4345/"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4349/"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/66800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://pivotx.net/page/security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4345/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4349/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/66800"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-52367 (GCVE-0-2025-52367)
Vulnerability from cvelistv5 – Published: 2025-09-22 00:00 – Updated: 2025-09-23 18:13
VLAI?
Summary
Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field.
Severity ?
5.4 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-52367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T16:03:07.593751Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T18:13:24.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://medium.com/@hayton1088/cve-2025-52367-stored-xss-to-rce-via-privilege-escalation-in-pivotx-cms-v3-0-0-rc-3-a1b870bcb7b3"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T18:43:18.692Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://pivotx.com"
},
{
"url": "https://medium.com/@hayton1088/cve-2025-52367-stored-xss-to-rce-via-privilege-escalation-in-pivotx-cms-v3-0-0-rc-3-a1b870bcb7b3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-52367",
"datePublished": "2025-09-22T00:00:00.000Z",
"dateReserved": "2025-06-16T00:00:00.000Z",
"dateUpdated": "2025-09-23T18:13:24.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14958 (GCVE-0-2017-14958)
Vulnerability from cvelistv5 – Published: 2017-10-01 15:00 – Updated: 2024-08-05 19:42
VLAI?
Summary
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:42:22.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4490/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-01T15:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4490/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/pivot-weblog/code/4490/",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/pivot-weblog/code/4490/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14958",
"datePublished": "2017-10-01T15:00:00",
"dateReserved": "2017-10-01T00:00:00",
"dateUpdated": "2024-08-05T19:42:22.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9332 (GCVE-0-2017-9332)
Vulnerability from cvelistv5 – Published: 2017-06-06 14:00 – Updated: 2024-08-05 17:02
VLAI?
Summary
The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:44.346Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4487/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-06T11:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4487/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/pivot-weblog/code/4487/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/pivot-weblog/code/4487/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9332",
"datePublished": "2017-06-06T14:00:00",
"dateReserved": "2017-05-31T00:00:00",
"dateUpdated": "2024-08-05T17:02:44.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8402 (GCVE-0-2017-8402)
Vulnerability from cvelistv5 – Published: 2017-05-31 03:54 – Updated: 2024-08-05 16:34
VLAI?
Summary
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:34:22.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4489/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-31T03:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4489/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/pivot-weblog/code/4489/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/pivot-weblog/code/4489/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8402",
"datePublished": "2017-05-31T03:54:00",
"dateReserved": "2017-05-01T00:00:00",
"dateUpdated": "2024-08-05T16:34:22.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7570 (GCVE-0-2017-7570)
Vulnerability from cvelistv5 – Published: 2017-04-07 04:33 – Updated: 2024-08-05 16:04
VLAI?
Summary
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:12.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-07T04:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df",
"refsource": "MISC",
"url": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7570",
"datePublished": "2017-04-07T04:33:00",
"dateReserved": "2017-04-06T00:00:00",
"dateUpdated": "2024-08-05T16:04:12.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5457 (GCVE-0-2015-5457)
Vulnerability from cvelistv5 – Published: 2015-07-08 15:00 – Updated: 2024-08-06 06:50
VLAI?
Summary
PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/",
"refsource": "MISC",
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"name": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"name": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5457",
"datePublished": "2015-07-08T15:00:00",
"dateReserved": "2015-07-08T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5456 (GCVE-0-2015-5456)
Vulnerability from cvelistv5 – Published: 2015-07-08 15:00 – Updated: 2024-08-06 06:50
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the "PHP_SELF" variable and form actions.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the \"PHP_SELF\" variable and form actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the \"PHP_SELF\" variable and form actions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456"
},
{
"name": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/",
"refsource": "MISC",
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"name": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"name": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5456",
"datePublished": "2015-07-08T15:00:00",
"dateReserved": "2015-07-08T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5458 (GCVE-0-2015-5458)
Vulnerability from cvelistv5 – Published: 2015-07-08 15:00 – Updated: 2024-08-06 06:50
VLAI?
Summary
Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/",
"refsource": "MISC",
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"name": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"name": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5458",
"datePublished": "2015-07-08T15:00:00",
"dateReserved": "2015-07-08T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0341 (GCVE-0-2014-0341)
Vulnerability from cvelistv5 – Published: 2014-04-15 10:00 – Updated: 2024-08-06 09:13
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4349/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "66800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://pivotx.net/page/security"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4345/"
},
{
"name": "VU#901156",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-02T14:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4349/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "66800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://pivotx.net/page/security"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4345/"
},
{
"name": "VU#901156",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4349/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4349/"
},
{
"name": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "66800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66800"
},
{
"name": "http://pivotx.net/page/security",
"refsource": "CONFIRM",
"url": "http://pivotx.net/page/security"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4345/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4345/"
},
{
"name": "VU#901156",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/901156"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-0341",
"datePublished": "2014-04-15T10:00:00",
"dateReserved": "2013-12-05T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0342 (GCVE-0-2014-0342)
Vulnerability from cvelistv5 – Published: 2014-04-15 10:00 – Updated: 2024-08-06 09:13
VLAI?
Summary
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:09.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://pivotx.net/page/security"
},
{
"name": "VU#901156",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-15T03:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://pivotx.net/page/security"
},
{
"name": "VU#901156",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0342",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4347/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"name": "http://pivotx.net/page/security",
"refsource": "CONFIRM",
"url": "http://pivotx.net/page/security"
},
{
"name": "VU#901156",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/901156"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-0342",
"datePublished": "2014-04-15T10:00:00",
"dateReserved": "2013-12-05T00:00:00",
"dateUpdated": "2024-08-06T09:13:09.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-52367 (GCVE-0-2025-52367)
Vulnerability from nvd – Published: 2025-09-22 00:00 – Updated: 2025-09-23 18:13
VLAI?
Summary
Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field.
Severity ?
5.4 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-52367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T16:03:07.593751Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T18:13:24.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://medium.com/@hayton1088/cve-2025-52367-stored-xss-to-rce-via-privilege-escalation-in-pivotx-cms-v3-0-0-rc-3-a1b870bcb7b3"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T18:43:18.692Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://pivotx.com"
},
{
"url": "https://medium.com/@hayton1088/cve-2025-52367-stored-xss-to-rce-via-privilege-escalation-in-pivotx-cms-v3-0-0-rc-3-a1b870bcb7b3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-52367",
"datePublished": "2025-09-22T00:00:00.000Z",
"dateReserved": "2025-06-16T00:00:00.000Z",
"dateUpdated": "2025-09-23T18:13:24.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14958 (GCVE-0-2017-14958)
Vulnerability from nvd – Published: 2017-10-01 15:00 – Updated: 2024-08-05 19:42
VLAI?
Summary
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:42:22.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4490/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-01T15:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4490/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/pivot-weblog/code/4490/",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/pivot-weblog/code/4490/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14958",
"datePublished": "2017-10-01T15:00:00",
"dateReserved": "2017-10-01T00:00:00",
"dateUpdated": "2024-08-05T19:42:22.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9332 (GCVE-0-2017-9332)
Vulnerability from nvd – Published: 2017-06-06 14:00 – Updated: 2024-08-05 17:02
VLAI?
Summary
The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:44.346Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4487/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-06T11:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4487/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/pivot-weblog/code/4487/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/pivot-weblog/code/4487/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9332",
"datePublished": "2017-06-06T14:00:00",
"dateReserved": "2017-05-31T00:00:00",
"dateUpdated": "2024-08-05T17:02:44.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8402 (GCVE-0-2017-8402)
Vulnerability from nvd – Published: 2017-05-31 03:54 – Updated: 2024-08-05 16:34
VLAI?
Summary
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:34:22.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4489/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-31T03:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceforge.net/p/pivot-weblog/code/4489/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/pivot-weblog/code/4489/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/pivot-weblog/code/4489/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8402",
"datePublished": "2017-05-31T03:54:00",
"dateReserved": "2017-05-01T00:00:00",
"dateUpdated": "2024-08-05T16:34:22.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7570 (GCVE-0-2017-7570)
Vulnerability from nvd – Published: 2017-04-07 04:33 – Updated: 2024-08-05 16:04
VLAI?
Summary
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:12.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-07T04:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df",
"refsource": "MISC",
"url": "https://gist.github.com/X1nda/749b6aac6e080624d9f8ec81321335df"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7570",
"datePublished": "2017-04-07T04:33:00",
"dateReserved": "2017-04-06T00:00:00",
"dateUpdated": "2024-08-05T16:04:12.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5457 (GCVE-0-2015-5457)
Vulnerability from nvd – Published: 2015-07-08 15:00 – Updated: 2024-08-06 06:50
VLAI?
Summary
PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple extensions, which allows remote attackers to execute arbitrary code by uploading a crafted file, as demonstrated by a file named foo.php.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/",
"refsource": "MISC",
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"name": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"name": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4452/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4451"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5457",
"datePublished": "2015-07-08T15:00:00",
"dateReserved": "2015-07-08T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5456 (GCVE-0-2015-5456)
Vulnerability from nvd – Published: 2015-07-08 15:00 – Updated: 2024-08-06 06:50
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the "PHP_SELF" variable and form actions.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the \"PHP_SELF\" variable and form actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX before 2.3.11 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the \"PHP_SELF\" variable and form actions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4457/tree//branches/2.3.x/pivotx/modules/formclass.php?diff=51a4cb5e34309d75c0d1612a:4456"
},
{
"name": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/",
"refsource": "MISC",
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"name": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"name": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5456",
"datePublished": "2015-07-08T15:00:00",
"dateReserved": "2015-07-08T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5458 (GCVE-0-2015-5458)
Vulnerability from nvd – Published: 2015-07-08 15:00 – Updated: 2024-08-06 06:50
VLAI?
Summary
Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to hijack web sessions via the sess parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/",
"refsource": "MISC",
"url": "http://software-talk.org/blog/2015/06/session-fixation-xss-code-execution-vulnerability-pivotx/"
},
{
"name": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132474/PivotX-2.3.10-Session-Fixation-XSS-Code-Execution.html"
},
{
"name": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2015/06/21/pivotx-2311-released"
},
{
"name": "75577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75577"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4450/tree//branches/2.3.x/pivotx/fileupload.php?diff=51a4cb5e34309d75c0d1612a:4449"
},
{
"name": "20150627 Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535860/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5458",
"datePublished": "2015-07-08T15:00:00",
"dateReserved": "2015-07-08T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0341 (GCVE-0-2014-0341)
Vulnerability from nvd – Published: 2014-04-15 10:00 – Updated: 2024-08-06 09:13
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4349/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "66800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://pivotx.net/page/security"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4345/"
},
{
"name": "VU#901156",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-02T14:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4349/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "66800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://pivotx.net/page/security"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4345/"
},
{
"name": "VU#901156",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to objects.php; or the (5) email or (6) nickname field to pages.php, related to templates_internal/users.tpl."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4349/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4349/"
},
{
"name": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "66800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66800"
},
{
"name": "http://pivotx.net/page/security",
"refsource": "CONFIRM",
"url": "http://pivotx.net/page/security"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4345/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4345/"
},
{
"name": "VU#901156",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/901156"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-0341",
"datePublished": "2014-04-15T10:00:00",
"dateReserved": "2013-12-05T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0342 (GCVE-0-2014-0342)
Vulnerability from nvd – Published: 2014-04-15 10:00 – Updated: 2024-08-06 09:13
VLAI?
Summary
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:09.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://pivotx.net/page/security"
},
{
"name": "VU#901156",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-15T03:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://pivotx.net/page/security"
},
{
"name": "VU#901156",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/901156"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-0342",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4347/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"name": "http://pivotx.net/page/security",
"refsource": "CONFIRM",
"url": "http://pivotx.net/page/security"
},
{
"name": "VU#901156",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/901156"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-0342",
"datePublished": "2014-04-15T10:00:00",
"dateReserved": "2013-12-05T00:00:00",
"dateUpdated": "2024-08-06T09:13:09.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}