Filtered by vendor Pluck-cms Subscriptions
Filtered by product Pluck Subscriptions
Total 42 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-6253 1 Pluck-cms 1 Pluck 2024-11-21 N/A
Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the g_pcltar_lib_dir parameter.
CVE-2024-43042 1 Pluck-cms 1 Pluck 2024-09-19 9.8 Critical
Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack.