RSS   Vulnerabilities for 'Pixelimity'   RSS

2022-05-03
 
CVE-2022-28589

CWE-79
 

 
A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=add_new

 
 
CVE-2022-28590

NVD-CWE-noinfo
 

 
A Remote Code Execution (RCE) vulnerability exists in Pixelimity 1.0 via admin/admin-ajax.php?action=install_theme.

 
2022-03-31
 
CVE-2021-42866

CWE-79
 

 
A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php

 
2021-08-17
 
CVE-2021-29056

CWE-79
 

 
Cross Site Scripting (XSS) vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php.

 
2021-01-19
 
CVE-2020-23522

CWE-352
 

 
Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.

 
2018-12-06
 
CVE-2018-19919

CWE-79
 

 
Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[title] parameter, as demonstrated by a crafted onload attribute of an SVG element.

 


Copyright 2024, cxsecurity.com

 

Back to Top