5 results (0.009 seconds)

CVSS: 9.8EPSS: 66%CPEs: 3EXPL: 3

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. • https://github.com/Chocapikk/CVE-2024-8517 https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_2_a_big_upload https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-2-SPIP-4-2-16-SPIP-4-1-18.html https://vulncheck.com/advisories/spip-upload-rce https://vozec.fr/researchs/spip-preauth-rce-2024-big-upload • CWE-646: Reliance on File Name or Extension of Externally-Supplied File •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 5

The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. • https://github.com/Chocapikk/CVE-2024-7954 https://github.com/bigb0x/CVE-2024-7954 https://github.com/fa-rrel/CVE-2024-7954-RCE https://github.com/MuhammadWaseem29/RCE-CVE-2024-7954 https://vulncheck.com/advisories/spip-porte-plume https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-0-alpha2-SPIP-4-2-13-SPIP-4.html https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_1_the_feather • CWE-284: Improper Access Control •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js. SPIP anterior a 4.1.14 y 4.2.x anterior a 4.2.8 permite XSS mediante el nombre de un archivo cargado. Esto está relacionado con javascript/bigup.js y javascript/bigup.utils.js. • https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-8-SPIP-4-1-14.html?lang=fr https://git.spip.net/spip/bigup/commit/0757f015717cb72b84dba0e9a375ec71caddf1c2 https://git.spip.net/spip/bigup/commit/ada821c076d67d1147a195178223d0b4a6d8cecc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics. ecrire/public/assembler.php en SPIP anteriores a 4.1.3 y 4.2.x anteriores a 4.2.7 permite XSS porque la entrada from_request() no está restringida a caracteres seguros como los alfanuméricos. • https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-7-SPIP-4-1-13.html?lang=fr https://git.spip.net/spip/spip/commit/e90f5344b8c82711053053e778d38a35e42b7bcb https://lists.debian.org/debian-lts-announce/2024/03/msg00014.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 97%CPEs: 7EXPL: 9

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. SPIP versions 4.2.1 and below suffer from an unauthenticated remote code execution vulnerability. • https://www.exploit-db.com/exploits/51536 https://github.com/nuts7/CVE-2023-27372 https://github.com/ThatNotEasy/CVE-2023-27372 https://github.com/0SPwn/CVE-2023-27372-PoC https://github.com/izzz0/CVE-2023-27372-POC https://github.com/Chocapikk/CVE-2023-27372 https://github.com/1amthebest1/CVE-2023-27372 https://github.com/Jhonsonwannaa/CVE-2023-27372 https://github.com/redboltsec/CVE-2023-27372-PoC http://packetstormsecurity.com/files/171921/SPIP-Remote-Command-Execution.ht •