Unrated severityNVD Advisory· Published Apr 21, 2010· Updated Jun 16, 2026
CVE-2009-4787
CVE-2009-4787
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg before 1.0.3 allow remote attackers to hijack the authentication of administrators for requests that create user accounts or have unspecified other impact.
Affected products
9cpe:2.3:a:pligg:pligg_cms:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:pligg:pligg_cms:*:*:*:*:*:*:*:*range: <=1.0.2
- cpe:2.3:a:pligg:pligg_cms:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:pligg:pligg_cms:1.0.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:pligg:pligg_cms:1.0.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:pligg:pligg_cms:1.0.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:pligg:pligg_cms:1.0.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:pligg:pligg_cms:1.0.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:pligg:pligg_cms:1.0.1:*:*:*:*:*:*:*
- (no CPE)range: <1.0.3
Patches
Vulnerability mechanics
References
3- secunia.com/advisories/37349nvdVendor Advisory
- www.pligg.com/blog/775/pligg-cms-1-0-3-release/nvdVendor Advisory
- holisticinfosec.org/content/view/130/45/nvd
News mentions
0No linked articles in our index yet.