47 results (0.009 seconds)

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js. SPIP anterior a 4.1.14 y 4.2.x anterior a 4.2.8 permite XSS mediante el nombre de un archivo cargado. Esto está relacionado con javascript/bigup.js y javascript/bigup.utils.js. • https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-8-SPIP-4-1-14.html?lang=fr https://git.spip.net/spip/bigup/commit/0757f015717cb72b84dba0e9a375ec71caddf1c2 https://git.spip.net/spip/bigup/commit/ada821c076d67d1147a195178223d0b4a6d8cecc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics. ecrire/public/assembler.php en SPIP anteriores a 4.1.3 y 4.2.x anteriores a 4.2.7 permite XSS porque la entrada from_request() no está restringida a caracteres seguros como los alfanuméricos. • https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-7-SPIP-4-1-13.html?lang=fr https://git.spip.net/spip/spip/commit/e90f5344b8c82711053053e778d38a35e42b7bcb https://lists.debian.org/debian-lts-announce/2024/03/msg00014.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 97%CPEs: 7EXPL: 9

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. SPIP versions 4.2.1 and below suffer from an unauthenticated remote code execution vulnerability. • https://www.exploit-db.com/exploits/51536 https://github.com/nuts7/CVE-2023-27372 https://github.com/ThatNotEasy/CVE-2023-27372 https://github.com/0SPwn/CVE-2023-27372-PoC https://github.com/izzz0/CVE-2023-27372-POC https://github.com/Chocapikk/CVE-2023-27372 https://github.com/1amthebest1/CVE-2023-27372 https://github.com/Jhonsonwannaa/CVE-2023-27372 https://github.com/redboltsec/CVE-2023-27372-PoC http://packetstormsecurity.com/files/171921/SPIP-Remote-Command-Execution.ht •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request. • https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-1-7-SPIP-4-0-9-et-SPIP-3-2-17.html https://github.com/Abyss-W4tcher/ab4yss-wr4iteups/blob/ffa980faa9e3598d49d6fb7def4f7a67cfb5f427/SPIP%20-%20Pentest/SPIP%204.1.5/SPIP_4.1.5_AND_BEFORE_AUTH_SQLi_Abyss_Watcher.md https://www.debian.org/security/2023/dsa-5325 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 3

RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter. RCE en SPIP 3.1.13 a 4.1.2 permite a usuarios remotos autenticados ejecutar código arbitrario a través del parámetro _oups. • https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-1-5-SPIP-4-0-8-et-SPIP-3-2-16.html https://github.com/Abyss-W4tcher/ab4yss-wr4iteups/blob/ffa980faa9e3598d49d6fb7def4f7a67cfb5f427/SPIP%20-%20Pentest/SPIP%204.1.2/SPIP_4.1.2_AUTH_RCE/SPIP_4.1.2_AUTH_RCE_Abyss_Watcher_12_07_22.md https://pastebin.com/ZH7CPc8X https://spawnzii.github.io/posts/2022/07/how-we-have-pwned-root-me-in-2022 •