CVE-2026-31205

Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function...

Pluck CMS 安全漏洞

Pluck CMS is a content management system from Plunk CMS open source. A security vulnerability exists in Pluck CMS version 4.7.20-dev, which stems from a flaw in the routing logic of the albums module that could lead to arbitrary command execution...

CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality...

Exploit for Unrestricted Upload of File with Dangerous Type in Pluck-Cms Pluck

CVE-2023-50564 - Pluck CMS v4.7.18 Remote Code Execution RCE...

Pluck 安全漏洞

Pluck is a small and simple content management system written in PHP by Pluck CMS Open Source. A security vulnerability exists in Pluck version 4.7.18, which stems from an incorrect path restriction to a restricted directory that could allow an unauthenticated attacker to extract sensitive...

Pluck 安全漏洞

Pluck is a small and simple content management system written in PHP by Pluck CMS Open Source. A security vulnerability exists in Pluck version 4.7.18 that stems from not limiting failed login attempts, allowing an attacker to perform a brute force attack...

Pluck 跨站脚本漏洞

Pluck is a content management system CMS developed using the PHP language. A security vulnerability exists in Pluck CMS versions 4.7.15 through 4.7.16-dev4, which originates from a cross-site scripting XSS vulnerability in file /admin.php. An attacker can exploit the vulnerability by uploading a...

Pluck 跨站请求伪造漏洞

Pluck is a content management system CMS developed using the PHP language. A cross-site request forgery vulnerability exists in Pluck CMS version 4.7.15, which stems from The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user...

Pluck 授权问题漏洞

Pluck is a content management system CMS developed using the PHP language. Pluck-CMS Pluck suffers from an authorization issue vulnerability that stems from a session repair vulnerability in login.php that allows an attacker to maintain unauthorized access to the platform. Since Pluck does not...

Pluck 路径遍历漏洞

Pluck is a content management system CMS developed using the PHP language. A security vulnerability exists in Pluck-CMS Pluck that stems from a Zip Slip vulnerability in Pluck-CMS Pluck version 4.7.15 that allows an attacker to upload specially crafted zip files, leading to directory traversal an...

Pluck Code Issue Vulnerability

Pluck is a Content Management System CMS developed in PHP. A code issue exists in Pluck CMS versions prior to 4.7.13, which stems from a file upload limit bypass vulnerability that allows a privileged administrator user to access the host computer via the "Manage Files" feature, which could lead ...

File Upload Vulnerability in Pluck CMS Backend

Pluck is a small and simple content management system written in php. A file upload vulnerability exists in the Pluck CMS backend, which can be exploited by attackers to gain server privileges...

Pluck Remote PHP Code Execution Vulnerability

pluk is a simple content management system CMS written in PHP. A security vulnerability exists in versions prior to pluck 4.7.6. A remote attacker can exploit the vulnerability to execute PHP code...

Pluck CMS Information Disclosure Vulnerability

Pluck CMS is a content management system CMS written in php. An information disclosure vulnerability exists in Pluck CMS version 4.7.2. A remote attacker can exploit this vulnerability to obtain sensitive information...

Pluck 'albums_getimage.php' path traversal vulnerability

pluk is a simple PHP-based content management system. A directory traversal vulnerability exists in Pluck that allows remote attackers to submit a special directory traversal request to view the contents of system files with WEB privileges...