Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An incorrect limitation of a path to a restricted directory (path traversal) has been detected in Pluck CMS, affecting version 4.7.18. An unauthenticated attacker could extract sensitive information from the server via the absolute path of a file located in the same directory or subdirectory as the module, but not from recursive directories.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
相对路径遍历
Vulnerability Title
Pluck 安全漏洞
Vulnerability Description
Pluck是Pluck CMS开源的一个用 PHP 编写的小型简单的内容管理系统。 Pluck 4.7.18版本存在安全漏洞,该漏洞源于不正确的路径限制至受限目录,可能使未认证的攻击者从服务器中提取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A