7 matches found
CVE-2022-26965
In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution...
CVE-2022-26965
In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution...
CVE-2022-26965
In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution...
CVE-2022-26965
CVE-2022-26965 – Pluck CMS 4.7.16 RCE via theme upload : The connected sources confirm a remote code execution vulnerability in Pluck CMS 4.7.16, exploitable by an authenticated admin using the theme upload functionality at /admin.php?action=themeinstall. The NVD entry lists CVSS v3.1 base score ...
Pluck CMS 4.7.16 Shell Upload
Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Date: 13.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.p...
Pluck CMS 4.7.16 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.py 127.0.0.1 80...
Pluck CMS 4.7.16 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Date: 13.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.p...