Filtered by vendor Pixelimity
Subscribe
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-5206 | 1 Pixelimity | 1 Pixelimity | 2025-06-05 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability classified as critical was found in Pixelimity 1.0. Affected by this vulnerability is an unknown functionality of the file /install/index.php of the component Installation. The manipulation of the argument site_description leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-28590 | 1 Pixelimity | 1 Pixelimity | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A Remote Code Execution (RCE) vulnerability exists in Pixelimity 1.0 via admin/admin-ajax.php?action=install_theme. | |||||
| CVE-2022-28589 | 1 Pixelimity | 1 Pixelimity | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=add_new | |||||
| CVE-2021-42866 | 1 Pixelimity | 1 Pixelimity | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php | |||||
| CVE-2021-29056 | 1 Pixelimity | 1 Pixelimity | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php. | |||||
| CVE-2020-23522 | 1 Pixelimity | 1 Pixelimity | 2024-11-21 | 6.0 MEDIUM | 6.8 MEDIUM |
| Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter. | |||||
| CVE-2018-19919 | 1 Pixelimity | 1 Pixelimity | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[title] parameter, as demonstrated by a crafted onload attribute of an SVG element. | |||||