Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-28590 | 1 Pixelimity | 1 Pixelimity | 2022-05-09 | 6.5 MEDIUM | 7.2 HIGH |
A Remote Code Execution (RCE) vulnerability exists in Pixelimity 1.0 via admin/admin-ajax.php?action=install_theme. | |||||
CVE-2022-28589 | 1 Pixelimity | 1 Pixelimity | 2022-05-09 | 3.5 LOW | 4.8 MEDIUM |
A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=add_new | |||||
CVE-2021-42866 | 1 Pixelimity | 1 Pixelimity | 2022-04-07 | 3.5 LOW | 4.8 MEDIUM |
A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php | |||||
CVE-2021-29056 | 1 Pixelimity | 1 Pixelimity | 2021-08-24 | 3.5 LOW | 4.8 MEDIUM |
Cross Site Scripting (XSS) vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php. | |||||
CVE-2020-23522 | 1 Pixelimity | 1 Pixelimity | 2021-02-09 | 6.0 MEDIUM | 6.8 MEDIUM |
Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter. | |||||
CVE-2018-19919 | 1 Pixelimity | 1 Pixelimity | 2018-12-31 | 3.5 LOW | 4.8 MEDIUM |
Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[title] parameter, as demonstrated by a crafted onload attribute of an SVG element. |