Sign in Get started

← All vendors

Vendor

Piwik

Sign in to watch

Products

2

CVEs

5

Across products

5

Status

Private

Products

2

Piwik
4 CVEs
Piwik Mobile 2
1 CVE

Recent CVEs

5

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2010-1453		0.03	—	0.02		May 7, 2010	Cross-site scripting (XSS) vulnerability in the Login form in Piwik 0.1.6 through 0.5.5 allows remote attackers to inject arbitrary web script or HTML via the form_url parameter.
CVE-2013-0195		0.00	—	0.00		Nov 20, 2019	Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194.
CVE-2013-0194		0.00	—	0.00		Nov 20, 2019	Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0195.
CVE-2013-0193		0.00	—	0.00		Nov 20, 2019	Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0194 and CVE-2013-0195.
CVE-2014-5871		0.00	—	0.00		Sep 11, 2014	The Piwik Mobile 2 (aka org.piwik.mobile2) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.