CVE-2020-24740

An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerability that can editpage via a /admin.php?action=editpage...

EUVD-2020-17451

Malware in sbrugna...

Pluck CMS 代码注入漏洞

Pluck is a content management system CMS developed using the PHP language. A security vulnerability exists in Pluck CMS version 4.7.10-dev2, which originates from a vulnerability that allows an attacker to execute arbitrary php code via the hidden parameter of admin.php while editing a page...

PT-2023-11568 · Pluck Cms · Pluck Cms

Name of the Vulnerable Software and Affected Versions: Pluck CMS version 4.7.10-dev2 Description: The issue allows a remote attacker to execute arbitrary php code via the hidden parameter to "admin.php" when editing a page. Recommendations: For Pluck CMS version 4.7.10-dev2, as a temporary...

CVE-2020-24740

An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerability that can editpage via a /admin.php?action=editpage...

CVE-2020-20951

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files...

Design/Logic Flaw

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files...

Cross site request forgery (csrf)

An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerability that can editpage via a /admin.php?action=editpage...

CVE-2020-20951

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files...

CVE-2020-24740

An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerability that can editpage via a /admin.php?action=editpage...

CVE-2020-21564

CVE-2020-21564 concerns Pluck CMS versions 4.7.10-dev2 and 4.7.11, where a file upload vulnerability can lead to remote command execution via the endpoint admin.php?action=files. The sources provided describe the vulnerability but do not specify additional technical details, exploit status, affec...