Vulnerabilities > Pligg > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-13 | CVE-2008-6968 | SQL Injection vulnerability in Pligg CMS 9.9.5 Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters. | 7.5 |
| 2008-12-26 | CVE-2008-5739 | SQL Injection vulnerability in Pligg CMS 9.9.5 SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3366 | SQL Injection vulnerability in Pligg CMS 9.9.0 SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2008-04-14 | CVE-2008-1774 | SQL Injection vulnerability in Pligg CMS 9.9.0 SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2007-10-18 | CVE-2007-5579 | Credentials Management vulnerability in Pligg CMS 9.5 login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user's password by calculating the confirmationcode parameter. | 7.5 |