Lucene search
HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-4788
cve-2009-4788
open redirect
pligg
vulnerability
nvd
security
phishing
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
56.8%
Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the (1) return parameter to pligg/login.php and the (2) HTTP Referer header to user_settings.php.
Affected configurations
Node
pliggpligg_cmsRange≤1.0.2
ORpliggpligg_cmsMatch1.0.0
ORpliggpligg_cmsMatch1.0.0rc1
ORpliggpligg_cmsMatch1.0.0rc2
ORpliggpligg_cmsMatch1.0.0rc3
ORpliggpligg_cmsMatch1.0.0rc4
ORpliggpligg_cmsMatch1.0.0rc5
ORpliggpligg_cmsMatch1.0.1
ORpliggpligg_cmsMatch9.5
ORpliggpligg_cmsMatch9.9
ORpliggpligg_cmsMatch9.9.0
ORpliggpligg_cmsMatch9.9.0beta
ORpliggpligg_cmsMatch9.9.5
ORpliggpligg_cmsMatch9.9.5beta
Related
prion
prion
Open redirect
2010-04-21 14:30:00
nessus
nessus
Pligg login.php return Parameter Arbitrary Site Redirect
2009-12-07 00:00:00
cvelist
cvelist
CVE-2009-4788
2022-10-03 16:24:03
nvd
nvd
CVE-2009-4788
2010-04-21 14:30:01
openvas
openvas
Pligg Cross Site Scripting And Request Forgery Remote Vulnerabilities
2009-12-03 00:00:00
FreeBSD Ports: pligg
2009-12-14 00:00:00
FreeBSD Ports: pligg
2009-12-14 00:00:00
freebsd
freebsd
pligg -- Cross-Site Scripting and Cross-Site Request Forgery
2009-12-02 00:00:00
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
56.8%
Related for CVE-2009-4788