exploitDog

GHSA-8x34-hcfv-c7qh

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

An issue was discovered in Pluck CMS v4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files.

An issue was discovered in Pluck CMS v4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files.

Ссылки

EPSS

Процентиль: 88%

0.03726

Низкий

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2020-21564

CVSS3: 8.8

nvd

больше 5 лет назад

An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files.

EPSS

Процентиль: 88%

0.03726

Низкий

CVE ID

Дефекты

CWE-434