Vulnerabilities > Pivotx
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-02-19 | CVE-2011-1035 | Credentials Management vulnerability in Pivotx The password reset in PivotX before 2.2.4 allows remote attackers to modify the passwords of arbitrary users via unspecified vectors. | 7.5 |
| 2011-02-04 | CVE-2011-0775 | Information Exposure vulnerability in Pivotx 2.2.2 pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attackers to obtain sensitive information via a non-existent file in the image parameter, which reveals the installation path in an error message. | 5.0 |
| 2011-02-04 | CVE-2011-0774 | Information Exposure vulnerability in Pivotx 2.2.2 PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an error message. | 5.0 |
| 2011-02-04 | CVE-2011-0773 | Cross-Site Scripting vulnerability in Pivotx Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 4.3 |
| 2011-02-04 | CVE-2011-0772 | Cross-Site Scripting vulnerability in Pivotx Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to includes/timwrapper.php. | 4.3 |