Vulnerabilities > Pligg Project

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-13	CVE-2020-25287	Unrestricted Upload of File with Dangerous Type vulnerability in Pligg Project Pligg 2.0.3 Pligg 2.0.3 allows remote authenticated users to execute arbitrary commands because the template editor can edit any file, as demonstrated by an admin/admin_editor.php the_file=..%2Findex.php&open=Open request. network low complexity pligg-project CWE-434	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Pligg Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Pligg Project"}]}

Vulnerabilities > Pligg Project