2 matches found
CVE-2009-4788
CVE-2009-4788 concerns multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier . The issue allows remote attackers to redirect users to arbitrary sites and facilitate phishing via two vectors: the return parameter to pligg/login.php and the HTTP Referer header to user_settings.php . Thi...
Pligg Cross Site Scripting And Request Forgery Remote Vulnerabilities
Pligg is prone to multiple cross-site scripting vulnerabilities and a cross-site request-forgery vulnerability. An attacker can exploit these issues to steal cookie-based authentication credentials or perform unauthorized actions when masquerading as the victim. Other attacks are also possible...