Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg before 1.0.3 allow remote attackers to hijack the authentication of administrators for requests that create user accounts or have unspecified other impact.
References
Link | Resource |
---|---|
http://holisticinfosec.org/content/view/130/45/ | |
http://secunia.com/advisories/37349 | Vendor Advisory |
http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/ | Vendor Advisory |
http://holisticinfosec.org/content/view/130/45/ | |
http://secunia.com/advisories/37349 | Vendor Advisory |
http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:10
Type | Values Removed | Values Added |
---|---|---|
References | () http://holisticinfosec.org/content/view/130/45/ - | |
References | () http://secunia.com/advisories/37349 - Vendor Advisory | |
References | () http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/ - Vendor Advisory |
Information
Published : 2010-04-21 14:30
Updated : 2024-11-21 01:10
NVD link : CVE-2009-4787
Mitre link : CVE-2009-4787
CVE.ORG link : CVE-2009-4787
JSON object : View
Products Affected
pligg
- pligg_cms
CWE
CWE-352
Cross-Site Request Forgery (CSRF)