CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2024/09/23 12:0 a.m.•2287 views

SPIP BigUp 4.3.1 Code Injection

============================================================================================================================================= | Title : SPIP BigUp 4.3.1 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64...

Packet Storm•added 2024/09/20 12:0 a.m.•300 views

SPIP BigUp 4.2.15 Code Injection

============================================================================================================================================= | Title : SPIP BigUp 4.2.15 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64...

Packet Storm•added 2024/09/19 12:0 a.m.•317 views

SPIP BigUp 4.1.17 Code Injection

============================================================================================================================================= | Title : SPIP BigUp 4.1.17 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64...

Packet Storm•added 2024/09/17 12:0 a.m.•205 views

SPIP BigUp 4.0 Code Injection

============================================================================================================================================= | Title : SPIP BigUp 4.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bi...

0day.today•added 2024/09/14 12:0 a.m.•751 views

SPIP BigUp 4.3.1 / 4.2.15 / 4.1.17 Unauthenticated Remote Code Execution Exploit

This Metasploit module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP. The vulnerability lies in the listerfichiersparchamps function, which is triggered when the bigupretrouverfichiers parameter is set to any value. By exploiting the improper handling of multipart for...

9.8CVSS8.4AI score0.94618EPSS

Packet Storm•added 2024/09/12 12:0 a.m.•413 views

SPIP BigUp 4.3.1 / 4.2.15 / 4.1.17 Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SPIP BigUp Plugin Unauthenticated RCE', 'Description' = %q This module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP...

9.8CVSS7AI score0.94618EPSS

Metasploit•added 2024/09/11 6:54 p.m.•745 views

SPIP BigUp Plugin Unauthenticated RCE

This module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP. The vulnerability lies in the listerfichiersparchamps function, which is triggered when the bigupretrouverfichiers parameter is set to any value. By exploiting the improper handling of multipart form data in...

9.8CVSS9.6AI score0.94618EPSS

GithubExploit•added 2024/09/06 6:17 p.m.•797 views

Exploit for Reliance on File Name or Extension of Externally-Supplied File in Spip

😈 SPIP BigUp Unauthenticated RCE Exploit 😈 📜 Description...

9.8CVSS10AI score0.94618EPSS