6 matches found
SPIP BigUp Plugin - Remote Code Execution
SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. id: CVE-2024-8517 info: name: SPIP BigUp Plugin - Remote Code Execution...
CVE-2024-8517
creationtimestamp| type| source ---|---|--- 2024-09-06 19:06:41+00:00| seen| https://t.me/cvedetector/4981 2024-09-06 23:16:37+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8470 2024-09-11 14:58:11+00:00| seen|...
CVE-2024-8517
SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request...
CVE-2024-8517 SPIP Bigup Multipart File Upload OS Command Injection
SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request...
CVE-2024-8517
CVE-2024-8517 affects the SPIP BigUp plugin (SPIP CMS). The vulnerability is a remote, unauthenticated command injection via crafted multipart file upload requests, allowing an attacker to execute arbitrary OS commands and potentially take full control of the SPIP installation. Affected versions ...
CVE-2024-8517 SPIP Bigup Multipart File Upload OS Command Injection
SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request...