Lucene search
K

6 matches found

Nuclei
Nuclei
added 2026/06/23 5:8 a.m.96 views

SPIP BigUp Plugin - Remote Code Execution

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. id: CVE-2024-8517 info: name: SPIP BigUp Plugin - Remote Code Execution...

9.8CVSS7.7AI score0.94618EPSS
Exploits7References5
Circl
Circl
added 2024/09/06 7:6 p.m.13 views

CVE-2024-8517

creationtimestamp| type| source ---|---|--- 2024-09-06 19:06:41+00:00| seen| https://t.me/cvedetector/4981 2024-09-06 23:16:37+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8470 2024-09-11 14:58:11+00:00| seen|...

9.8CVSS7.3AI score0.94618EPSS
Exploits7References9
UbuntuCve
UbuntuCve
added 2024/09/06 4:15 p.m.13 views

CVE-2024-8517

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request...

9.8CVSS7.4AI score0.94618EPSS
Exploits7References5
Cvelist
Cvelist
added 2024/09/06 3:55 p.m.26 views

CVE-2024-8517 SPIP Bigup Multipart File Upload OS Command Injection

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request...

9.8CVSS0.94618EPSS
Exploits7References4
CVE
CVE
added 2024/09/06 3:55 p.m.167 views

CVE-2024-8517

CVE-2024-8517 affects the SPIP BigUp plugin (SPIP CMS). The vulnerability is a remote, unauthenticated command injection via crafted multipart file upload requests, allowing an attacker to execute arbitrary OS commands and potentially take full control of the SPIP installation. Affected versions ...

9.8CVSS9.9AI score0.94618EPSS
Exploits7References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/06 3:55 p.m.27 views

CVE-2024-8517 SPIP Bigup Multipart File Upload OS Command Injection

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request...

9.8CVSS8.3AI score0.94618EPSS
Exploits7References4
Rows per page
Query Builder