CVE-2025-52367

MEDIUM

PivotX CMS 3.0.0 RC 3 - Stored Cross-Site Scripting via Subtitle Field

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-52367. PoCs published by HayToN, HayToN, msutovsky-r7, including Metasploit module exploits/linux/http/pivotx_index_php_overwrite.

AI-analyzed exploit summary This exploit leverages a stored XSS vulnerability in PivotX v3.0.0 RC3 via unsanitized 'title' and 'subtitle' fields, allowing an authenticated user to escalate privileges to admin and achieve RCE by editing the index.php file.

Description

Cross Site Scripting vulnerability in PivotX CMS v.3.0.0 RC 3 allows a remote attacker to execute arbitrary code via the subtitle field.

Exploits (2)

exploitdb WORKING POC

by HayToN · textwebappsmultiple

https://www.exploit-db.com/exploits/52361

View Code ZIP pw:eip

This exploit leverages a stored XSS vulnerability in PivotX v3.0.0 RC3 via unsanitized 'title' and 'subtitle' fields, allowing an authenticated user to escalate privileges to admin and achieve RCE by editing the index.php file.

Classification

Working Poc 95%

Attack Type

Xss

Complexity

Moderate

Reliability

Reliable

Target: PivotX v3.0.0 RC3

Auth required

Prerequisites: Authenticated user access · Admin interaction with crafted page

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by HayToN, msutovsky-r7 · rubypocphp

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/pivotx_index_php_overwrite.rb

View Code ZIP pw:eip

This Metasploit module exploits a file overwrite vulnerability in PivotX CMS (CVE-2025-52367) by injecting malicious PHP code into `index.php` after authenticating as an admin user. It achieves remote code execution by leveraging the CMS's file editing functionality.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PivotX CMS <= 3.0.0-rc3

Auth required

Prerequisites: Valid admin credentials for PivotX · Access to the PivotX management interface

MITRE ATT&CK

T1059.004 - Unix Shell T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Broken Link

http://pivotx.com

Exploit, Third Party Advisory

https://medium.com/@hayton1088/cve-2025-52367-stored-xss-to-rce-via-privilege-escalation-in-pivotx-cms-v3-0-0-rc-3-a1b870bcb7b3

Scores

CVSS v3 5.4

EPSS 0.7441

EPSS Percentile 98.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

pivotx/pivotx 3.0.0 rc3

Published Sep 22, 2025

Tracked Since Feb 18, 2026