CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-14702

Malware in sbrugna...

8.1CVSS8.1AI score0.04249EPSS

Exploits1References2

Huntr•added 2023/03/13 3:35 p.m.•16 views

Authentication Remote Code Execution

Description Found authenticated Remote Code Execution RCE on pluck 4.7.15 While reading the source code found blacklisted extension are mentioned in the file data/inc/files.php at line 44 and 45. File upload function validating the file extension is match any one of the following extension .php,...

7.8AI score

Exploits0References1

OSV•added 2021/12/10 7:15 p.m.•9 views

CVE-2021-27984

In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files...

8.1CVSS7.2AI score

Exploits0References1

NVD•added 2021/12/10 7:15 p.m.•8 views

CVE-2021-27984

In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files...

8.1CVSS0.04249EPSS

Exploits1References1

NVD•added 2021/12/10 7:15 p.m.•12 views

CVE-2021-31747

Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in updateapplet.php, which could lead to man-in-the-middle attacks...

5.8CVSS0.00102EPSS

Exploits0References1

OSV•added 2021/12/10 7:15 p.m.•10 views

CVE-2021-31747

Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in updateapplet.php, which could lead to man-in-the-middle attacks...

4.8CVSS6.7AI score

Exploits0References1

Prion•added 2021/12/10 7:15 p.m.•8 views

Design/Logic Flaw

In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files...

7.5CVSS8.1AI score0.04249EPSS

Exploits1References1Affected Software1

Prion•added 2021/12/10 7:15 p.m.•7 views

Input validation

Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in updateapplet.php, which could lead to man-in-the-middle attacks...

5.8CVSS5AI score0.00102EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/12/10 6:40 p.m.•14 views

CVE-2021-27984

In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files...

8.4AI score0.04249EPSS

Exploits1References1

Cvelist•added 2021/12/10 6:4 p.m.•11 views

CVE-2021-31747

Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in updateapplet.php, which could lead to man-in-the-middle attacks...

5.3AI score0.00102EPSS

Exploits0References1

CVE•added 2021/12/10 5:45 p.m.•36 views

CVE-2021-31746

CVE-2021-31746 affects Pluck-CMS Pluck 4.7.15. The connected Red Hat, CNVD, OSV, NVD, CNVD and other records describe a Zip Slip vulnerability that allows uploading specially crafted zip files, causing directory traversal and potentially arbitrary code execution. The core details in the sources a...

9.8CVSS9.7AI score0.01381EPSS

Exploits1References1Affected Software1

CVE•added 2021/12/10 5:40 p.m.•41 views

CVE-2021-31745

CVE-2021-31745 affects Pluck-CMS (Pluck 4.7.15). A session-fixation vulnerability in login.php allows an attacker to sustain unauthorized access because prior sessions are not invalidated after a password change. The available documents describe the issue and do not specify a patch version or con...

7.5CVSS7.4AI score0.00346EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by