CVE-2011-0774

PivotX - Exposure of Sensitive Information via Direct Request to includes/ping.php and includes/spamping.php

Title source: llm
STIX 2.1

Description

PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an error message.

References (3)

Core 3

Scores

EPSS 0.0135
EPSS Percentile 68.2%

Details

CWE
CWE-200
Status published
Products (1)
pivotx/pivotx 2.2.2
Published Feb 04, 2011
Tracked Since Feb 18, 2026