← back
CVE-2009-4788

CVE-2009-4788

EPSS 1.0%
Multiple open redirect vulnerabilities in Pligg 1.0.2 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the (1) return parameter to pligg/login.php and the (2) HTTP Referer header to user_settings.php.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://holisticinfosec.org/content/view/130/45/http://secunia.com/advisories/37349http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/