Vulnerabilities > Pligg > Pligg CMS

DATE CVE VULNERABILITY TITLE RISK
2009-08-26 CVE-2008-7089 Cross-Site Scripting vulnerability in Pligg CMS
Cross-site scripting (XSS) vulnerability in Pligg 9.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action to user.php and other unspecified vectors.
network
pligg CWE-79
4.3
2009-08-13 CVE-2008-6968 SQL Injection vulnerability in Pligg CMS 9.9.5
Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters.
network
low complexity
pligg CWE-89
7.5
2008-12-26 CVE-2008-5739 SQL Injection vulnerability in Pligg CMS 9.9.5
SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter.
network
low complexity
pligg CWE-89
7.5
2008-08-10 CVE-2008-3572 Cross-Site Scripting vulnerability in Pligg CMS 9.9.5
Cross-site scripting (XSS) vulnerability in index.php in Pligg 9.9.5 allows remote attackers to inject arbitrary web script or HTML via the category parameter.
network
pligg CWE-79
4.3
2008-07-30 CVE-2008-3366 SQL Injection vulnerability in Pligg CMS 9.9.0
SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
pligg CWE-89
7.5
2008-04-14 CVE-2008-1774 SQL Injection vulnerability in Pligg CMS 9.9.0
SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
pligg CWE-89
7.5
2007-10-18 CVE-2007-5579 Credentials Management vulnerability in Pligg CMS 9.5
login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user's password by calculating the confirmationcode parameter.
network
low complexity
pligg CWE-255
7.5