CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

10 matches found

GithubExploit•added 2025/02/05 4:13 p.m.•75 views

Exploit for CVE-2024-7954

RCE-CVE-2024-7954 Description The porteplume plugin,...

9.8CVSS9.3AI score0.92991EPSS

RedhatCVE•added 2025/02/05 11:49 a.m.•7 views

CVE-2024-7954

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request...

9.8CVSS8AI score0.92991EPSS

Exploits10References1

BDU FSTEC•added 2024/10/03 12:0 a.m.•1 views

The vulnerability of the porte_plume plugin in the SPIP content management system allows a hacker to execute arbitrary code.

The vulnerability of the porteplume plugin in the SPIP content management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted HTTP request...

10CVSS6AI score0.92991EPSS

Exploits10References6Affected Software1

NVD•added 2024/08/23 6:15 p.m.•17 views

CVE-2024-7954

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request...

9.8CVSS0.92991EPSS

Exploits10References3

OSV•added 2024/08/23 6:15 p.m.•13 views

CVE-2024-7954

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request...

Exploits0References3

UbuntuCve•added 2024/08/23 6:15 p.m.•15 views

CVE-2024-7954

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request...

9.8CVSS6.6AI score0.92991EPSS

Exploits10References4

CVE•added 2024/08/23 5:43 p.m.•145 views

CVE-2024-7954

Affected software: SPIP CMS with the porte_plume plugin (versions before 4.30-alpha2, 4.2.13, and 4.1.16). Vulnerability: Unauthenticated remote code execution via crafted HTTP requests to porte_plume_previsu, allowing execution of arbitrary PHP as the SPIP user. Impact: Potential full server com...

9.8CVSS9.8AI score0.92991EPSS

In wildExploits10References3

Cvelist•added 2024/08/23 5:43 p.m.•23 views

CVE-2024-7954 SPIP porte_plume Plugin Arbitrary PHP Execution

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request...

9.8CVSS0.92991EPSS

Exploits10References3

Debian CVE•added 2024/08/23 5:43 p.m.•21 views

CVE-2024-7954

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request...

9.8CVSS6.6AI score0.92991EPSS

Vulnrichment•added 2024/08/23 5:43 p.m.•82 views

CVE-2024-7954 SPIP porte_plume Plugin Arbitrary PHP Execution

The porteplume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request...

9.8CVSS8.2AI score0.92991EPSS

Exploits10References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by