Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-26965 PoC — Pluck 代码问题漏洞

Source
https://github.com/SkDevilS/Pluck-Exploitation-by-skdevils
Associated Vulnerability
Title:Pluck 代码问题漏洞 (CVE-2022-26965)
Description:Pluck是一套使用PHP语言开发的内容管理系统(CMS)。 Pluck CMS 4.7.16版本存在代码问题漏洞,该漏洞源于Pluck CMS 4.7.16版本存在远程 shell 上传执行漏洞。
Description
# Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution (RCE) (Authenticated) # Date: 13.03.2022 # Exploit Author: Ashish Koli (Shikari) # Vendor Homepage: https://github.com/pluck-cms/pluck # Version: 4.7.16 # Tested on Ubuntu 20.04.3 LTS # CVE: CVE-2022-26965
Readme
# Pluck-Exploitation-by-skdevils
# Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution (RCE) (Authenticated) # Date: 13.03.2022 # Exploit Author: Ashish Koli (Shikari) # Vendor Homepage: https://github.com/pluck-cms/pluck # Version: 4.7.16 # Tested on Ubuntu 20.04.3 LTS # CVE: CVE-2022-26965
File Snapshot

 [4.0K]  /data/pocs/c7010b9b699285291543573ec0ebb3ef0c418d29
├── [4.8K]  40616.c
├── [  71]  MACHINE DOWNLOAD LINK.txt
├── [1.2M]  PLUCK EXPLOITATION   CYBER SECURITY AND ETHICAL HACKING.pdf
├── [ 298]  README.md
└── [ 232]  Readme.txt

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.