Hi! I found a Unrestricted File Upload Vulnerability on PluckCMS 4.7.4.
I found i can bypass the filetype detection on background site by modifying the MIME type on HTTP request. And with uploading a PHP File, i can get a webshell.
Please fix it ASAP and contact me to get more details(i did not find you email) :
My email:codeklaus@gmail.com
Hi! I found a Unrestricted File Upload Vulnerability on PluckCMS 4.7.4. I found i can bypass the filetype detection on background site by modifying the MIME type on HTTP request. And with uploading a PHP File, i can get a webshell. Please fix it ASAP and contact me to get more details(i did not find you email) : My email:codeklaus@gmail.com