CVE-2023-27083 | SynScan

Vulnerability Database

290,300

Total vulnerabilities in the database

CVE-2023-27083

An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality.

Published: Jun 22, 2023
Updated: Nov 8, 2023
CVE: CVE-2023-27083
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-434

Affected Software
References

Software	From	Fixed in
pluck-cms / pluck	4.7.16-dev1	4.7.16-dev1.x
pluck-cms / pluck	4.7.16-dev2	4.7.16-dev2.x
pluck-cms / pluck	4.7.16-dev3	4.7.16-dev3.x
pluck-cms / pluck	4.7.16-dev4	4.7.16-dev4.x
pluck-cms / pluck	4.7.16-dev5	4.7.16-dev5.x
pluck-cms / pluck	4.7.15	4.7.16
pluck-cms / pluck	4.7.16	4.7.16.x