exploitDog

CVE-2019-9049

Опубликовано: 23 фев. 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 5.8

EPSS Низкий

Описание

An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete modules via a /admin.php?action=module_delete&var1= URI.

Ссылки

https://github.com/pluck-cms/pluck/issues/69
Exploit
Third Party Advisory
https://github.com/pluck-cms/pluck/issues/69
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pluck-cms:pluck:4.7.9:dev1:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00161

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-vrw6-67xg-v5fp

CVSS3: 6.5

github

больше 3 лет назад

An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete modules via a /admin.php?action=module_delete&var1= URI.

EPSS

Процентиль: 37%

0.00161

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-352