what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2023-27372

Status Candidate

Overview

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

Related Files

SPIP 4.2.1 Remote Code Execution
Posted Jun 21, 2023
Authored by nuts7

SPIP versions 4.2.1 and below suffer from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-27372
SHA-256 | bc549f06980b67c5d5fb853b317d52b6bf509cd5c2baedf878192f640f78097d
Download | Favorite | View
SPIP Remote Command Execution
Posted Apr 18, 2023
Authored by coiffeur, Laluka, Julien Voisin | Site metasploit.com

This Metasploit module exploits a PHP code injection in SPIP. The vulnerability exists in the oubli parameter and allows an unauthenticated user to execute arbitrary commands with web user privileges. Branches 3.2, 4.0, 4.1 and 4.2 are concerned. Vulnerable versions are below 3.2.18, below 4.0.10, below 4.1.18 and below 4.2.1.

tags | exploit, web, arbitrary, php
advisories | CVE-2023-27372
SHA-256 | da36b42d35a291178bebac45397335e931352a6a022f64275dfb7fc469079f1f
Download | Favorite | View
Debian Security Advisory 5367-1
Posted Mar 2, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5367-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2023-27372
SHA-256 | 1d4b1b1ced26b5ac97eb9419c445bb93b485a6908145b4ed3c2bfbf29a5223b3
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close