Pixelimity
by Pixelimity
Source repositories
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-28590 | Hig | 0.49 | 7.2 | 0.24 | May 3, 2022 | A Remote Code Execution (RCE) vulnerability exists in Pixelimity 1.0 via admin/admin-ajax.php?action=install_theme. | ||
| CVE-2020-23522 | Med | 0.47 | 6.8 | 0.02 | Jan 19, 2021 | Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter. | ||
| CVE-2025-5206 | Med | 0.31 | 4.7 | 0.00 | May 26, 2025 | A vulnerability classified as critical was found in Pixelimity 1.0. Affected by this vulnerability is an unknown functionality of the file /install/index.php of the component Installation. The manipulation of the argument site_description leads to sql injection. The attack can… | ||
| CVE-2022-28589 | Med | 0.31 | 4.8 | 0.01 | May 3, 2022 | A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=add_new | ||
| CVE-2021-42866 | Med | 0.31 | 4.8 | 0.01 | Mar 31, 2022 | A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php | ||
| CVE-2021-29056 | Med | 0.31 | 4.8 | 0.01 | Aug 17, 2021 | Cross Site Scripting (XSS) vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php. | ||
| CVE-2018-19919 | Med | 0.31 | 4.8 | 0.01 | Dec 6, 2018 | Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[title] parameter, as demonstrated by a crafted onload attribute of an SVG element. |
- risk 0.49cvss 7.2epss 0.24
A Remote Code Execution (RCE) vulnerability exists in Pixelimity 1.0 via admin/admin-ajax.php?action=install_theme.
- risk 0.47cvss 6.8epss 0.02
Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.
- risk 0.31cvss 4.7epss 0.00
A vulnerability classified as critical was found in Pixelimity 1.0. Affected by this vulnerability is an unknown functionality of the file /install/index.php of the component Installation. The manipulation of the argument site_description leads to sql injection. The attack can…
- risk 0.31cvss 4.8epss 0.01
A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=add_new
- risk 0.31cvss 4.8epss 0.01
A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php
- risk 0.31cvss 4.8epss 0.01
Cross Site Scripting (XSS) vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php.
- risk 0.31cvss 4.8epss 0.01
Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[title] parameter, as demonstrated by a crafted onload attribute of an SVG element.