2 matches found
CVE-2009-4786
Pligg before version 1.0.3 is vulnerable to multiple cross-site scripting (XSS) flaws via the HTTP Referer header in eight endpoints (admin_config.php, admin_modules.php, delete.php, editlink.php, submit.php, submit_groups.php, user_add_remove_links.php, user_settings.php). The issue allows remot...
Pligg Cross Site Scripting And Request Forgery Remote Vulnerabilities
Pligg is prone to multiple cross-site scripting vulnerabilities and a cross-site request-forgery vulnerability. An attacker can exploit these issues to steal cookie-based authentication credentials or perform unauthorized actions when masquerading as the victim. Other attacks are also possible...