Web application abuses : Pligg CMS Multiple Security Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.103139

Categoría: Web application abuses

Título: Pligg CMS Multiple Security Vulnerabilities

Resumen: Pligg CMS is prone to multiple security vulnerabilities because it; fails to properly sanitize user-supplied input. These vulnerabilities; include a local file-include vulnerability, a security-bypass; vulnerability, and an authentication-bypass vulnerability.

Descripción: Summary:
Pligg CMS is prone to multiple security vulnerabilities because it
fails to properly sanitize user-supplied input. These vulnerabilities
include a local file-include vulnerability, a security-bypass
vulnerability, and an authentication-bypass vulnerability.

Vulnerability Impact:
Attackers can exploit these issues to view and execute arbitrary local
files in the context of the webserver process, bypass security-restrictions, and perform unauthorized actions.

Affected Software/OS:
Versions prior to Pligg CMS 1.1.4 are vulnerable.

Solution:
The vendor has released a fix. Please see the references for more
information.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.103139
Categoría:	Web application abuses
Título:	Pligg CMS Multiple Security Vulnerabilities
Resumen:	Pligg CMS is prone to multiple security vulnerabilities because it; fails to properly sanitize user-supplied input. These vulnerabilities; include a local file-include vulnerability, a security-bypass; vulnerability, and an authentication-bypass vulnerability.
Descripción:	Summary: Pligg CMS is prone to multiple security vulnerabilities because it fails to properly sanitize user-supplied input. These vulnerabilities include a local file-include vulnerability, a security-bypass vulnerability, and an authentication-bypass vulnerability. Vulnerability Impact: Attackers can exploit these issues to view and execute arbitrary local files in the context of the webserver process, bypass security-restrictions, and perform unauthorized actions. Affected Software/OS: Versions prior to Pligg CMS 1.1.4 are vulnerable. Solution: The vendor has released a fix. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Copyright	Copyright (C) 2011 Greenbone AG