Shodan
Vulnerabilities
Vulnerable Software
Matomo:  >> Matomo  >> 1.4  Security Vulnerabilities
CVE-2013-0193
Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0194 and CVE-2013-0195.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-11-20
CVE-2013-0194
Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0195.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-11-20
CVE-2013-0195
Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-11-20
CVE-2015-7816
The DisplayTopKeywords function in plugins/Referrers/Controller.php in Piwik before 2.15.0 allows remote attackers to conduct PHP object injection attacks, conduct Server-Side Request Forgery (SSRF) attacks, and execute arbitrary PHP code via a crafted HTTP header.
CVSS Score
7.5
EPSS Score
0.004
Published
2015-11-16
CVE-2015-7815
Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter.
CVSS Score
7.5
EPSS Score
0.014
Published
2015-11-16
CVE-2013-2633
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters.
CVSS Score
5.0
EPSS Score
0.003
Published
2013-03-21
CVE-2013-1844
Cross-site scripting (XSS) vulnerability in Piwik before 1.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2013-03-21
CVE-2012-4541
Cross-site scripting (XSS) vulnerability in Piwik before 1.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2012-11-19
CVE-2011-4941
Unspecified vulnerability in Piwik 1.2 through 1.4 allows remote attackers with the view permission to execute arbitrary code via unknown attack vectors.
CVSS Score
6.8
EPSS Score
0.014
Published
2012-09-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved