pluck-cms / pluck

Central repo for pluck cms
http://www.pluck-cms.org

[Vulnerability] Unrestricted File Upload in background site #44

Closed CodeKlaus closed 6 years ago

CodeKlaus commented 7 years ago

Hi! I found an Unrestricted File Upload vulnerability in PluckCMS 4.7.4. I found I can bypass the filetype detection on the background site by modifying the MIME type in the HTTP request. And by uploading a PHP file, I can get a webshell. Please fix it ASAP and contact me to get more details (I did not find your email). My email: codeklaus@gmail.com
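
The class of bug reported above, as an added example that is not Pluck's code and is not taken from pull request #54: a check that trusts the request's declared MIME type next to one that ignores it. The function names, the allowlist and the sample upload are hypothetical, and the strict check assumes PHP's fileinfo extension is enabled.

```php
<?php
// Added illustration; function names and allowlist are hypothetical.
const ALLOWED = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

// Weak: $file['type'] is copied from the Content-Type header of the
// multipart part, so the client decides what it says.
function weak_check(array $file): bool
{
    return in_array($file['type'], ALLOWED, true);
}

// Hardened: ignore the declared type. Allowlist the extension, then require
// the type sniffed from the file's content to match that extension.
function strict_check(array $file): bool
{
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        return false;
    }
    $detected = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    return $detected === ALLOWED[$ext];
}

// Server-chosen storage name, so the client-supplied name never reaches disk.
function stored_name(string $clientName): string
{
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample: script content declared as an image by the client.
$tmp = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($tmp, "<?php echo 'constructed sample';");
$upload = ['name' => 'avatar.php', 'type' => 'image/png', 'tmp_name' => $tmp];

var_dump(weak_check($upload));   // decided by the declared type alone
var_dump(strict_check($upload)); // decided by extension and sniffed content
unlink($tmp);
```

Content sniffing alone does not stop a file that is both a valid image and contains script text, so the upload directory should also be configured so the web server never executes scripts from it.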

BSteelooper commented 6 years ago

Solved with pull request #54.

BSteelooper commented 6 years ago

@codeklaus Please verify if solved.