CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-20718

File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file to the the save_file() parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.7%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/pluck-cms/pluck/issues/79
https://github.com/pluck-cms/pluck/issues/79

Products affected by CVE-2020-20718

Pluck-Cms » Pluckcms » Version: 4.7.10

cpe:2.3:a:pluck-cms:pluckcms:4.7.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-20718

Products

Pricing

Contact Us