EUVD-2008-7050

Malware in sbrugna...

CVE-2008-7090

Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier allow remote attackers to 1 determine the existence of arbitrary files via a .. dot dot in the $tburl variable in trackback.php, or 2 include arbitrary files via a .. dot dot in the template parameter to settemplate.php...

Sql injection

Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to vote.php, which is not properly handled in libs/link.php; 2 id parameter to trackback.php; 3 an unspecified parameter to submit.php; 4 requestTitle...

Cross site scripting

Cross-site scripting XSS vulnerability in Pligg 9.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action to user.php and other unspecified vectors...

CVE-2008-7089

Cross-site scripting XSS vulnerability in Pligg 9.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action to user.php and other unspecified vectors...

CVE-2008-7091

CVE-2008-7091 affects Pligg 9.9 and earlier, with multiple SQL injection vulnerabilities caused by improper handling of user-supplied input across several PHP scripts (vote.php, trackback.php, submit.php, story.php, recommend.php, cloud.php, out.php, login.php, cvote.php, edit.php). Attack vector...