mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 01:31:01 +00:00
1.3 KiB
1.3 KiB
CVE-2023-27372
Description
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.
POC
Reference
- http://packetstormsecurity.com/files/171921/SPIP-Remote-Command-Execution.html
- http://packetstormsecurity.com/files/173044/SPIP-4.2.1-Remote-Code-Execution.html
Github
- https://github.com/0SPwn/CVE-2023-27372-PoC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Chocapikk/CVE-2023-27372
- https://github.com/Pari-Malam/CVE-2023-27372
- https://github.com/RSTG0D/CVE-2023-27372-PoC
- https://github.com/ThatNotEasy/CVE-2023-27372
- https://github.com/abrahim7112/Vulnerability-checking-program-for-Android
- https://github.com/izzz0/CVE-2023-27372-POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/nuts7/CVE-2023-27372
- https://github.com/redboltsec/CVE-2023-27372-PoC
- https://github.com/tucommenceapousser/CVE-2023-27372