Known Vulnerabilities for products from Pligg
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Pligg".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-37677 json | Pligg CMS v2.0.2 (also known as Kliqqi) was discovered to contain a remote code execution (RCE) vulnerability in the componen... | 9.8 - CRITICAL | 2023-07-25 | 2023-08-02 |
| CVE-2022-34956 json | Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_... | 9.8 - CRITICAL | 2022-08-02 | 2022-08-04 |
| CVE-2022-34955 json | Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_... | 9.8 - CRITICAL | 2022-08-02 | 2022-08-04 |
| CVE-2015-6655 json | Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote attackers to hijack the authentication of ad... | 6.8 - MEDIUM | 2015-08-31 | 2016-12-22 |
| CVE-2014-9096 json | Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitr... | 7.5 - HIGH | 2014-11-26 | 2014-11-28 |
| CVE-2012-2937 json | Multiple SQL injection vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to execute arbitrary SQL commands via... | 7.5 - HIGH | 2012-05-27 | 2017-08-29 |
| CVE-2012-2936 json | Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web ... | 4.3 - MEDIUM | 2012-05-27 | 2017-08-29 |
| CVE-2012-2436 json | Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web ... | 4.3 - MEDIUM | 2012-05-27 | 2017-08-29 |
| CVE-2012-2435 json | Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to includ... | 6.5 - MEDIUM | 2012-05-27 | 2012-05-29 |
| CVE-2011-5023 json | Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML vi... | 4.3 - MEDIUM | 2011-12-29 | 2012-02-01 |
| CVE-2011-5022 json | SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote attackers to execute arbitrary SQL commands via th... | 7.5 - HIGH | 2011-12-29 | 2011-12-29 |
| CVE-2011-3986 json | Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows remote attackers to inject arbitrary web script or HTML... | 4.3 - MEDIUM | 2011-11-03 | 2011-11-16 |
| CVE-2011-3794 json | Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals th... | 5 - MEDIUM | 2011-09-24 | 2012-05-21 |
| CVE-2010-3013 json | SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 allows remote attackers to execute arbitrary SQL commands... | 7.5 - HIGH | 2010-08-16 | 2010-08-16 |
| CVE-2010-2577 json | Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow remote attackers to execute arbitrary SQL commands via the... | 7.5 - HIGH | 2010-08-16 | 2010-08-16 |
| CVE-2009-4788 json | Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier allow remote attackers to redirect users to arbitrary web s... | 4.3 - MEDIUM | 2010-04-21 | 2010-06-03 |
| CVE-2009-4787 json | Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg before 1.0.3 allow remote attackers to hijack the authent... | 6.8 - MEDIUM | 2010-04-21 | 2010-06-11 |
| CVE-2009-4786 json | Multiple cross-site scripting (XSS) vulnerabilities in Pligg before 1.0.3 allow remote attackers to inject arbitrary web scri... | 4.3 - MEDIUM | 2010-04-21 | 2010-04-22 |
| CVE-2008-7091 json | Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via ... | 7.5 - HIGH | 2009-08-26 | 2018-10-11 |
| CVE-2008-7090 json | Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier allow remote attackers to (1) determine the existence o... | 7.8 - HIGH | 2009-08-26 | 2018-10-11 |
Known software with vulnerabilities from Pligg
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pligg | Pligg Cms | 1.0.0 |