2 matches found
CVE-2019-9050
An issue was discovered in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed...
CVE-2019-9050
Pluck 4.7.9-dev1 is vulnerable to arbitrary code execution via the ZIP upload path using action=installmodule, where the uploaded ZIP is extracted and its contents executed. The issue is documented across CVE-2019-9050 entries (NVD/CVE, CNVD, OSV, CVE List) and related records, all indicating adm...