Lucene search

CVE-2024-7954

🗓️ 23 Aug 2024 18:07:15Reported by [email protected]Type

The porte_plume plugin in SPIP before version 4.30-alpha2, 4.2.13, and 4.1.16 allows remote unauthenticated attackers to execute arbitrary PHP code via crafted HTTP request

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 13
OSV	UBUNTU-CVE-2024-7954	23 Aug 202418:15	–	osv
OSV	CVE-2024-7954	23 Aug 202418:15	–	osv
UbuntuCve	CVE-2024-7954	23 Aug 202400:00	–	ubuntucve
Vulnrichment	CVE-2024-7954 SPIP porte_plume Plugin Arbitrary PHP Execution	23 Aug 202417:43	–	vulnrichment
RedhatCVE	CVE-2024-7954	5 Feb 202511:49	–	redhatcve
CVE	CVE-2024-7954	23 Aug 202418:15	–	cve
Nuclei	SPIP Porte Plume Plugin - Remote Code Execution	29 Aug 202400:22	–	nuclei
Circl	CVE-2024-7954	2 Feb 202500:00	–	circl
Cvelist	CVE-2024-7954 SPIP porte_plume Plugin Arbitrary PHP Execution	23 Aug 202417:43	–	cvelist
GithubExploit	Exploit for CVE-2024-7954	15 Nov 202421:08	–	githubexploit

Source	Link
vulncheck	www.vulncheck.com/advisories/spip-porte-plume
blog	www.blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-0-alpha2-SPIP-4-2-13-SPIP-4.html
thinkloveshare	www.thinkloveshare.com/hacking/spip_preauth_rce_2024_part_1_the_feather/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Aug 2024 18:15Current

CVSS39.8

EPSS0.93781

CWE-284