Directory traversal vulnerability in data/modules/blog/module_pages_site.php in Pluck 4.6.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the post parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pluck-cms pluck 4.6.1 |