Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pluck-cms pluck 4.7.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-8706
Pluck CMS 4.7.2 allows remote malicious users to obtain sensitive information by (1) changing "PHPSESSID" to an array; (2) adding non-alphanumeric chars to "PHPSESSID"; (3) changing the image parameter to an array; or (4) changing the image parameter to a stri...
Pluck-cms Pluck 4.7.2
4
CVSSv2
CVE-2014-8707
Cross-site scripting (XSS) vulnerability in TinyMCE in Pluck CMS 4.7.2 allows remote authenticated users to inject arbitrary web script or HTML via the "edit HTML source" option.
Pluck-cms Pluck 4.7.2
7.5
CVSSv2
CVE-2014-8708
Pluck CMS 4.7.2 allows remote malicious users to execute arbitrary code via the blog form feature.
Pluck-cms Pluck 4.7.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started