7 matches found
CVE-2024-42612
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/domainmanagement.php?whitelistadd...
CVE-2024-42607
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/adminbackup.php?dobackup=database...
CVE-2024-42616
Pligg CMS v2.0.2 is affected by a CSRF vulnerability exposed at /admin/admin_widgets.php?action=remove&widget=Statistics. The CVE-2024-42616 entry is supported by multiple feeds (NVD, OSV, CNVD, etc.) stating that the issue is a Cross-Site Request Forgery vulnerability in Pligg/Kliqqi CMS. The co...
CVE-2024-42621
Affected software: Pligg CMS v2.0.2 (also referred to as Kliqqi CMS in related records). Vulnerability type & vector: Cross-Site Request Forgery (CSRF) via the /admin/admin_editor.php endpoint. Root cause: Insufficient verification of the request origin/authorization allows an attacker to forge r...
CVE-2024-42612
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/domainmanagement.php?whitelistadd...
Remote code execution
Pligg CMS v2.0.2 also known as Kliqqi was discovered to contain a remote code execution RCE vulnerability in the component admineditor.php...
Sql injection
Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the pagesize parameter at loaddataforgroups.php...