CVE-2009-4787

Pligg CMS < 1.0.3 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg before 1.0.3 allow remote attackers to hijack the authentication of administrators for requests that create user accounts or have unspecified other impact.

References (3)

Core 3
Core References
Various Sources x_refsource_misc
http://holisticinfosec.org/content/view/130/45/
Vendor Advisory x_refsource_confirm
http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37349

Scores

EPSS 0.0091
EPSS Percentile 55.6%

Details

CWE
CWE-352
Status published
Products (3)
pligg/pligg_cms 1.0.0 (6 CPE variants)
pligg/pligg_cms 1.0.1
pligg/pligg_cms < 1.0.2
Published Apr 21, 2010
Tracked Since Feb 18, 2026