Lucene search
GoogleOSV:CVE-2020-29607HistoryDec 16, 2020 - 3:15 p.m.
CVE-2020-29607
2020-12-1615:15:12
Google
osv.dev
5
A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the “manage files” functionality, which may result in remote code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pluck | eq | 4.7.5 | |
| pluck | eq | 4.7.10-dev4 | |
| pluck | eq | 4.7.11-dev2 | |
| pluck | eq | 4.7 | |
| pluck | eq | 4.7.5-noversion | |
| pluck | eq | 4.7.8-dev3 | |
| pluck | eq | 4.7.6 | |
| pluck | eq | 4.74 | |
| pluck | eq | 4.7.11 | |
| pluck | eq | 4.7.8-dev2 |
Related
prion
prion
Design/Logic Flaw
2020-12-16 15:15:00
cve
cve
CVE-2020-29607
2020-12-16 15:15:12
cvelist
cvelist
CVE-2020-29607
2020-12-16 14:28:27
packetstorm
packetstorm
Pluck CMS 4.7.13 Remote Shell Upload
2021-05-26 00:00:00
nvd
nvd
CVE-2020-29607
2020-12-16 15:15:12
zdt
zdt
Pluck CMS 4.7.13 - File Upload Remote Code Execution (Authenticated) Exploit
2021-05-26 00:00:00
exploitdb
exploitdb
Pluck CMS 4.7.13 - File Upload Remote Code Execution (Authenticated)
2021-05-26 00:00:00
checkpoint_advisories
checkpoint_advisories