Pligg : Security Vulnerabilities, CVEs, Published In 2012 (Sql injection)
Multiple SQL injection vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) list parameter in a move action to admin/admin_index.php, (2) display parameter in a minimize action to admin/admin_index.php, (3) enabled[] parameter to admin/admin_users.php, or (4) msg_id to the module.php in the simple_messaging module.
Max CVSS
7.5
EPSS Score
0.36%
Published
2012-05-27
Updated
2017-08-29
1 vulnerabilities found