Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pligg pligg cms vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2009-4787
Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg prior to 1.0.3 allow remote malicious users to hijack the authentication of administrators for requests that create user accounts or have unspecified other impact.
Pligg Pligg Cms 1.0.0
Pligg Pligg Cms 1.0.1
Pligg Pligg Cms
435
VMScore
CVE-2008-7089
Cross-site scripting (XSS) vulnerability in Pligg 9.9 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter in a search action to user.php and other unspecified vectors.
Pligg Pligg Cms 9.9.0
Pligg Pligg Cms 9.5
Pligg Pligg Cms
1 EDB exploit
785
VMScore
CVE-2008-7090
Multiple directory traversal vulnerabilities in Pligg 9.9 and previous versions allow remote malicious users to (1) determine the existence of arbitrary files via a .. (dot dot) in the $tb_url variable in trackback.php, or (2) include arbitrary files via a .. (dot dot) in the tem...
Pligg Pligg Cms 9.5
Pligg Pligg Cms
1 EDB exploit
755
VMScore
CVE-2014-9096
Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id or (2) n parameter.
Pligg Pligg Cms
1 EDB exploit
445
VMScore
CVE-2011-3794
Pligg CMS 1.1.3 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/init.php and certain other files.
Pligg Pligg Cms 1.1.3
755
VMScore
CVE-2008-5739
SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote malicious users to execute arbitrary SQL commands via the url parameter.
Pligg Pligg Cms 9.9.5
1 EDB exploit
755
VMScore
CVE-2011-5022
SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote malicious users to execute arbitrary SQL commands via the status parameter.
Pligg Pligg Cms 1.1.2
1 EDB exploit
435
VMScore
CVE-2011-5023
Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the search program, a different vulnerability than CVE-2011-3986.
Pligg Pligg Cms 1.1.4
1 EDB exploit
755
VMScore
CVE-2008-3366
SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2008-1774.
Pligg Pligg Cms 9.9.0
1 EDB exploit
755
VMScore
CVE-2007-5579
login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user's password by calculating the confirmationcode parameter.
Pligg Pligg Cms 9.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »