Source: https://sploitus.com/exploit?id=35E84701-530D-547F-BA33-5F765BC93AB8
# Pluck CMS 4.7.13 File Upload RCE Exploit

![Exploit Banner](https://img.shields.io/badge/Exploit-CVE--2020--29607-red?style=flat-square)

## 🚨 Educational Remote Code Execution Exploit 🚨

**Author:** Ron Jost (Hacker5preme)  
**Reference:** [Exploit-DB](https://www.exploit-db.com/exploits/49283)  
**CVE:** [CVE-2020-29607](https://nvd.nist.gov/vuln/detail/CVE-2020-29607)

---

> **⚠️ Disclaimer:**
> This script is for **educational and authorized testing** purposes only. Do not use it on systems you do not own or have explicit permission to test. The author and contributors are not responsible for any misuse or damage caused by this tool.

---

## 🎯 What is this?

This is a Python 3 exploit script for the **File Upload Restriction Bypass** vulnerability in Pluck CMS **4.7.13**. It allows an authenticated admin user to upload a malicious file (webshell) and achieve remote code execution on the target server.

## 🕹️ Features

- Authenticates as admin using supplied credentials
- Uploads a minimal PHP webshell via the vulnerable file manager
- Provides direct access URL for command execution
- Fully Python 3 compatible

## 📚 References

- [Exploit-DB Entry 49283](https://www.exploit-db.com/exploits/49283)
- [Pluck CMS Official Site](https://github.com/pluck-cms/pluck)

## 🚀 Usage

```bash
python pluck_exploit.py
```

### Example

```bash
python pluck_exploit.py 10.10.10.100 80 admin /pluck
```

## 🛠️ Requirements

- Python 3.x
- `requests` library

Install dependencies with:

```bash
pip install requests
```

## 🧩 How it Works

- Connects to the target Pluck CMS instance and authenticates as admin
- Uploads a `.phar` webshell using the file manager bypass
- Prints the URL to access the webshell and execute commands
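
Added here from the defender's side, not part of the original tool: a log-triage routine that flags the footprint the steps above leave in a web server access log, namely a successful request for a `.phar` (or `.phtml`) file from a client that earlier POSTed to `admin.php`. The combined-log layout and the `admin.php` path are assumptions, and the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit

# Apache/nginx "combined" log layout is assumed; adjust the regex for other formats.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)

# The README's payload is uploaded as .phar; Debian-style Apache+PHP setups map
# .phar and .phtml to the PHP handler, so an upload filter that only blocks .php misses them.
SUSPECT_EXTS = (".phar", ".phtml")

def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"], rec["query"] = parts.path, parts.query
    return rec

def find_suspect_hits(lines):
    """Return (ip, path, query, prior_admin_post) for each 2xx request to a suspect
    extension. prior_admin_post is True when the same client POSTed to admin.php
    (assumed Pluck admin entry point) earlier, matching the upload-then-call sequence."""
    admin_posters = set()
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["path"].lower()
        if rec["method"] == "POST" and path.endswith("/admin.php"):
            admin_posters.add(rec["ip"])
        if path.endswith(SUSPECT_EXTS) and rec["status"].startswith("2"):
            hits.append((rec["ip"], rec["path"], rec["query"], rec["ip"] in admin_posters))
    return hits

# Constructed sample lines, not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /pluck/index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [01/Jan/2024:10:01:02 +0000] "POST /pluck/admin.php?action=files HTTP/1.1" 200 1024 "-" "python-requests/2.31"',
    '10.0.0.9 - - [01/Jan/2024:10:01:05 +0000] "GET /pluck/files/shell.phar?cmd=id HTTP/1.1" 200 64 "-" "python-requests/2.31"',
    '10.0.0.5 - - [01/Jan/2024:10:02:00 +0000] "GET /pluck/files/report.pdf HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_suspect_hits(SAMPLE_LOG):
        print("suspect webshell access:", hit)
```

Denying the PHP handler for anything under the upload directory (or serving that directory with a static-only handler) closes the same gap at the web server layer.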

## 🎨 Output

The script provides clear, step-by-step output for authentication, upload status, and webshell access.

---

## 👾 For Fun & Learning

This script is a great way to learn about file upload bypasses and remote code execution. Use it responsibly, and always with permission!

---

## 📝 License

This project is for educational use only. No warranty, no guarantees. Hack ethically, stay curious!