Vulnerabilities (CVE)

Filtered by vendor Piwik Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-5871 1 Piwik 1 Piwik Mobile 2 2024-11-21 5.4 MEDIUM N/A
The Piwik Mobile 2 (aka org.piwik.mobile2) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2010-1453 2 Matomo, Piwik 2 Matomo, Piwik 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Login form in Piwik 0.1.6 through 0.5.5 allows remote attackers to inject arbitrary web script or HTML via the form_url parameter.