Kliqqi: >> Kliqqi Cms >> 3.5.2 Security Vulnerabilities
Kliqqi-CMS has a background arbitrary code execution vulnerability that attackers can exploit to implant backdoors or getShell via the edit_page.php component.
CVSS Score
7.2
EPSS Score
0.004
Published
2024-10-25
Kliqqi CMS 3.5.2 has XSS via a crafted group name in pligg/groups.php, a crafted Homepage string in a profile, or a crafted string in Tags or Description within pligg/submit.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-04-22
SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg/story.php?title= URI.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-04-22