CVE-2008-7089
Pligg Cms < 9.9.0 - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in Pligg 9.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action to user.php and other unspecified vectors.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by GulfTech Security · textwebappsphp
https://www.exploit-db.com/exploits/6173
References (6)
Scores
EPSS
0.0491
EPSS Percentile
89.4%
Classification
CWE
CWE-79
Status
draft
Affected Products (3)
pligg/pligg_cms
< 9.9.0
pligg/pligg_cms
pligg/pligg_cms
Timeline
Published
Aug 26, 2009
Tracked Since
Feb 18, 2026