5 matches found
CVE-2024-42608
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/submitpage.php...
CVE-2024-42609
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/adminbackup.php?dobackup=avatars...
CVE-2024-42608
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/submitpage.php...
CVE-2024-42612
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/domainmanagement.php?whitelistadd...
CVE-2024-42604
Pligg CMS v2.0.2 contains a CSRF vulnerability in the admin_group.php endpoint (mode=delete&group_id=3). The flaw arises from insufficient verification of the requesting user, allowing an attacker to forge state-changing requests. Several connected reports (including Red Hat, CNVD, CNVD CNVD, OSV...