Pixelimity: >> Pixelimity Security Vulnerabilities
A vulnerability classified as critical was found in Pixelimity 1.0. Affected by this vulnerability is an unknown functionality of the file /install/index.php of the component Installation. The manipulation of the argument site_description leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-05-26
A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=add_new
CVSS Score
4.8
EPSS Score
0.002
Published
2022-05-03
A Remote Code Execution (RCE) vulnerability exists in Pixelimity 1.0 via admin/admin-ajax.php?action=install_theme.
CVSS Score
7.2
EPSS Score
0.423
Published
2022-05-03
A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php
CVSS Score
4.8
EPSS Score
0.002
Published
2022-03-31
Cross Site Scripting (XSS) vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-08-17
Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.
CVSS Score
6.8
EPSS Score
0.002
Published
2021-01-19
Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[title] parameter, as demonstrated by a crafted onload attribute of an SVG element.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-12-06