EUVD-2024-49919

Malicious code in bioql PyPI...

CVE-2024-9405

An incorrect limitation of a path to a restricted directory path traversal has been detected in Pluck CMS, affecting version 4.7.18. An unauthenticated attacker could extract sensitive information from the server via the absolute path of a file located in the same directory or subdirectory as the...

CVE-2024-9405

Vulnerability summary (CVE-2024-9405): Pluck CMS v4.7.18 contains an incorrect restriction of a path to a restricted directory (path traversal). An unauthenticated attacker could read sensitive information from files in the same directory or its subdirectories by using the absolute path of a file...

Pluck CMS Cross-Site Scripting Vulnerability

Pluck is a content management system CMS developed using the PHP language. A cross-site scripting vulnerability exists in Pluck CMS version 4.7.18, which stems from unknown code in install.php in the component Installation Handler, resulting in cross-site scripting. An attacker can exploit this...

Pluck CMS 跨站脚本漏洞

Pluck is a content management system CMS developed using the PHP language. A cross-site scripting vulnerability exists in Pluck CMS version 4.7.18, which stems from unknown code in install.php in the component Installation Handler, resulting in cross-site scripting. An attacker can exploit this...