Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Meneame English Pligg 5.8 allows attackers to access sensitive database info
CVE-2018-25166
Summary
Meneame English Pligg version 5.8 has a security flaw that lets hackers steal sensitive information from the database by exploiting a weakness in how it handles search queries. This could allow them to get access to usernames, database names, and other confidential details. To protect your site, update to a fixed version of Meneame English Pligg as soon as possible.
Original title
Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. At...
Original description
Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to index.php with crafted SQL payloads in the search parameter to extract sensitive database information including usernames, database names, and version details.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 6 Mar 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026