Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-16729

Pluck 4.7.7 allows XSS via an SVG file that contains Javascript in a SCRIPT element, and is uploaded via pages->manage under admin.php?action=files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.4%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
Products affected by CVE-2018-16729
  • Pluck-Cms » Pluck » Version: 4.7.7
    cpe:2.3:a:pluck-cms:pluck:4.7.7


Products
Pricing
Contact Us

Shodan ® - All rights reserved