CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.0%

CVSS Severity

CVSS v3 Score 7.2

References

https://medium.com/%40syed.pentester/authenticated-remote-code-execution-rce-on-pluckcms-4-7-15-c309ac1bd145
https://medium.com/%40syed.pentester/authenticated-remote-code-execution-rce-on-pluckcms-4-7-15-c309ac1bd145

Products affected by CVE-2023-27083

Pluck-Cms » Pluck » Version: 4.7.15

cpe:2.3:a:pluck-cms:pluck:4.7.15
Pluck-Cms » Pluck » Version: 4.7.16

cpe:2.3:a:pluck-cms:pluck:4.7.16

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27083

Products

Pricing

Contact Us