CVE-2023-50564

HIGH

Pluck-CMS 4.7.18 - Arbitrary File Upload via ZIP File in Modules Install

Exploitation Summary

EIP tracks 9 public exploits for CVE-2023-50564. PoCs published by Rai2en, thefizzyfish, xpltive.

Description

An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.

Exploits (9)

nomisec WORKING POC 19 stars
by Rai2en · poc
https://github.com/Rai2en/CVE-2023-50564_Pluck-v4.7.18_PoC

This repository contains a functional Python-based exploit for CVE-2023-50564, which leverages an unauthorized file upload vulnerability in Pluck CMS v4.7.18 to achieve remote command execution via a malicious ZIP file containing a PHP shell.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pluck CMS v4.7.18
Auth required
Prerequisites: Valid credentials for Pluck CMS · Python 3.x with requests and requests_toolbelt · A crafted payload.zip containing a PHP shell
devstral-2 · analyzed Feb 19, 2026

nomisec WORKING POC 3 stars
by thefizzyfish · poc
https://github.com/thefizzyfish/CVE-2023-50564-pluck

This repository contains a functional exploit for CVE-2023-50564, an arbitrary file upload vulnerability in Pluck-CMS v4.7.18. The exploit authenticates, uploads a malicious ZIP file containing a PHP reverse shell, and triggers execution by accessing the uploaded file.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pluck-CMS v4.7.18
Auth required
Prerequisites: Valid credentials for Pluck-CMS · Network access to the target · Listener setup for reverse shell
devstral-2 · analyzed Feb 19, 2026

nomisec WORKING POC 1 star
by xpltive · poc
https://github.com/xpltive/CVE-2023-50564

This repository contains a functional exploit for CVE-2023-50564, an RCE vulnerability in Pluck CMS v4.7.18. The exploit leverages an arbitrary file upload vulnerability in `/inc/modules_install.php` to upload a malicious ZIP file containing a PHP web shell, enabling remote command execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pluck CMS v4.7.18
Auth required
Prerequisites: Valid credentials for Pluck CMS login · Network access to the target
devstral-2 · analyzed Feb 19, 2026

nomisec WORKING POC 1 star
by Mrterrestrial · poc
https://github.com/Mrterrestrial/CVE-2023-50564

This repository contains a functional Python exploit for CVE-2023-50564, an authenticated arbitrary file upload vulnerability in Pluck CMS v4.7.18. The exploit uploads a PHP reverse shell via the `/admin.php?action=installmodule` endpoint, enabling remote code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pluck CMS v4.7.18
Auth required
Prerequisites: Valid credentials for Pluck CMS · Network access to the target · Attacker-controlled listener for reverse shell
devstral-2 · analyzed Feb 19, 2026

nomisec WORKING POC
by kikechans · poc
https://github.com/kikechans/-Pluck-CMS-RCE-CVE-2023-50564

This repository contains a functional exploit for CVE-2023-50564, targeting Pluck CMS. The exploit automates a login, uploads a malicious ZIP module containing a reverse shell, and triggers the payload to achieve remote code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pluck CMS
Auth required
Prerequisites: valid credentials for the Pluck CMS admin panel · network connectivity to the target · listener setup for reverse shell
devstral-2 · analyzed May 27, 2026

nomisec WORKING POC
by glynzr · poc
https://github.com/glynzr/CVE-2023-50564

This repository contains a functional exploit for CVE-2023-50564, targeting Pluck CMS v4.7.18. The exploit allows an authenticated admin to upload a malicious ZIP module containing a PHP shell, resulting in remote code execution (RCE).

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pluck CMS v4.7.18
Auth required
Prerequisites: Valid admin credentials · Access to the target's admin interface · PHP reverse shell file
devstral-2 · analyzed Feb 19, 2026

nomisec WORKING POC
by 0xDTC · poc
https://github.com/0xDTC/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564

This repository contains a functional exploit for CVE-2023-50564, a Remote Code Execution (RCE) vulnerability in Pluck CMS v4.7.18. The exploit automates the process of authenticating to the admin panel, uploading a malicious ZIP file containing a reverse shell, and executing it to gain remote access.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pluck CMS v4.7.18
Auth required
Prerequisites: Netcat listener · Admin credentials for Pluck CMS · Target host accessibility
devstral-2 · analyzed Feb 19, 2026

nomisec WORKING POC
by rwexecute · poc
https://github.com/rwexecute/CVE-2023-50564

This repository contains a functional Python script that exploits CVE-2023-50564 to upload a reverse PHP shell to a vulnerable PluckCMS server. The exploit authenticates using provided credentials and leverages a file upload vulnerability in the admin panel.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: PluckCMS (version not specified)
Auth required
Prerequisites: Valid PluckCMS credentials · Network access to the target server · A reverse shell payload (PHP) zipped for upload
devstral-2 · analyzed Feb 19, 2026

nomisec WORKING POC
by ipuig · poc
https://github.com/ipuig/CVE-2023-50564

This repository contains a functional Go-based exploit for CVE-2023-50564, which targets a vulnerability in Pluck CMS. The exploit authenticates, uploads a malicious ZIP file containing a reverse shell PHP payload, and triggers its execution via module installation.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pluck CMS
Auth required
Prerequisites: Valid credentials for Pluck CMS · Network access to the target · Listener setup for reverse shell
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3: 8.8
EPSS: 0.2907
EPSS Percentile: 97.9%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-434
Status: published
Products (1): pluck-cms/pluck 4.7.18
Published: Dec 14, 2023
Tracked Since: Feb 18, 2026