EUVD-2023-29716

Malicious code in bioql PyPI...

EUVD-2025-22449

Malicious code in bioql PyPI...

CVE-2025-46099

In Pluck CMS 4.7.20-dev, an authenticated attacker can upload or create a crafted PHP file under the albums module directory and access it via the module routing logic in albums.site.php, resulting in arbitrary command execution through a GET parameter...

CVE-2025-46099

In Pluck CMS 4.7.20-dev, an authenticated attacker can upload or create a crafted PHP file under the albums module directory and access it via the module routing logic in albums.site.php, resulting in arbitrary command execution through a GET parameter...

PT-2025-30156 · Pluck Cms · Pluck Cms

Name of the Vulnerable Software and Affected Versions: Pluck CMS version 4.7.20-dev Description: Pluck CMS contains a flaw that allows an authenticated attacker to upload or create a crafted PHP file within the albums module directory. This file can then be accessed through the module routing log...

CVE-2023-25828

Pluck CMS is vulnerable to an authenticated remote code execution RCE vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

Design/Logic Flaw

Pluck CMS is vulnerable to an authenticated remote code execution RCE vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

CVE-2023-25828

Pluck CMS (authenticated) is vulnerable to remote code execution via the albums module. A lack of file extension validation allows uploading a crafted JPEG payload containing an embedded PHP web-shell, which an authenticated admin can access to achieve RCE on the web server. Affected: Pluck CMS a...

CVE-2023-25828 Authenticate Remote Code Execution in Pluck CMS

Pluck CMS is vulnerable to an authenticated remote code execution RCE vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process...

PT-2023-20333 · Pluck Cms · Pluck Cms

Name of the Vulnerable Software and Affected Versions: Pluck CMS affected versions not specified Description: The issue concerns an authenticated remote code execution RCE vulnerability through the "albums" module. This module allows the creation of image collections that can be inserted into web...

Facil-CMS 0.1RC2 Multiple Remote Vulnerabilities

No description provided by source. Script Facil-CMS 0.1RC2 +download: http://sourceforge.net/project/platformdownload.php?groupid=217673 DORK inurl:modules.php?modload=News Copyright C 2008 by FacilCMS.org inurl: /facil-cms/ Author any.zicky Contact Me anydotzickyatgmaildotcom ; About Facil CMS i...