15 matches found
EUVD-2019-18438
Malware in sbrugna...
EUVD-2019-18435
Malware in sbrugna...
Pluck Cross-Site Request Forgery Vulnerability (CNVD-2019-05779)
Pluck is a content management system CMS developed using the PHP language. A cross-site request forgery vulnerability exists in Pluck version 4.7.9-dev1. A remote attacker can exploit this vulnerability by deleting a theme with /admin.php?action=themedelete&var1= URI...
Pluck Cross-Site Request Forgery Vulnerability (CNVD-2019-05780)
Pluck is a content management system CMS developed using the PHP language. A cross-site request forgery vulnerability exists in Pluck version 4.7.9-dev1. A remote attacker can exploit this vulnerability by deleting modules with /admin.php?action=moduledelete&var1= URI...
CVE-2019-9048
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete a theme aka topic via a /admin.php?action=themedelete&var1= URI...
CVE-2019-9052
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI...
CVE-2019-9050
An issue was discovered in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed...
CVE-2019-9050
An issue was discovered in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed...
Cross site request forgery (csrf)
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete articles via a /admin.php?action=deletepage&var1= URI...
Cross site request forgery (csrf)
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI...
CVE-2019-9049
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete modules via a /admin.php?action=moduledelete&var1= URI...
CVE-2019-9052
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI...
CVE-2019-9051
The CVE-2019-9051 entry concerns Pluck CMS 4.7.9-dev1 and describes a CSRF vulnerability that enables deleting articles via the URI /admin.php?action=deletepage&var1=. Public sources in connected documents (CNVD-2019-05782, OSV/NVD entries) confirm the vulnerable component as Pluck 4.7.9-dev1 and...
CVE-2019-9048
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete a theme aka topic via a /admin.php?action=themedelete&var1= URI...
CVE-2019-9049
CVE-2019-9049 affects Pluck 4.7.9-dev1. The issue is a CSRF vulnerability that allows deletion of modules via the URI /admin.php?action=module_delete&var1=, as described across NVD/CNVD/OSV records. The connected documents consistently identify the vulnerable component and the underlying action, ...