An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete modules via a /admin.php?action=module_delete&var1= URI.
References
Link | Resource |
---|---|
https://github.com/pluck-cms/pluck/issues/69 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-23T19:00:00
Updated: 2019-02-23T19:57:01
Reserved: 2019-02-23T00:00:00
Link: CVE-2019-9049
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-02-23T19:29:00.297
Modified: 2019-02-25T15:14:24.883
Link: CVE-2019-9049
JSON object: View
Redhat Information
No data.
CWE