Pivotx : Security Vulnerabilities, CVEs, CVSS score >= 8
PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file.
Max CVSS
8.8
EPSS Score
0.26%
Published
2017-05-31
Updated
2017-06-08
PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to change to the .php extension.
Max CVSS
8.8
EPSS Score
0.38%
Published
2017-04-07
Updated
2017-04-13
2 vulnerabilities found