12 matches found
VulnCheck KEV: CVE-2025-71243
The 'Saisies pour formulaire' Saisies plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical Remote Code Execution RCE vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the server. Users should immediately update to version 5.11.1 or later...
Metasploit Wrap-Up 03/13/2026
No bad luck here: Friday the 13th brings new modules and a Metasploit Pro milestone This week’s Metasploit Framework release delivers three new modules across reconnaissance, evasion, and exploitation: LeakIX-powered discovery for exposed services and leaked data, a Linux x64 RC4 payload packer f...
📄 SPIP Saisies 5.11.0 Remote Code Execution
This Metasploit module exploits a PHP code injection vulnerability in the Saisies plugin for SPIP. The vulnerability allows an attacker to inject and execute arbitrary PHP code through the vulnerable parameter anciennesvaleurs. Versions 5.4.0 through 5.11.0 are affected...
📄 SPIP Saisies 5.11.0 Remote Code Execution
Proof of concept exploit for a PHP code injection vulnerability in the Saisies plugin for SPIP. The vulnerability allows an attacker to inject and execute arbitrary PHP code through the vulnerable parameter anciennesvaleurs. Versions 5.4.0 through 5.11.0 are affected. Written in PHP...
CVE-2025-71243
The 'Saisies pour formulaire' Saisies plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical Remote Code Execution RCE vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the server. Users should immediately update to version 5.11.1 or later...
CVE-2025-71243
The 'Saisies pour formulaire' Saisies plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical Remote Code Execution RCE vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the server. Users should immediately update to version 5.11.1 or later...
Exploit for CVE-2025-71243
CVE-2025-71243 - SPIP Saisies Plugin Remote Code Execution...
CVE-2025-71243 SPIP Saisies Plugin < 5.11.1 Remote Code Execution
The 'Saisies pour formulaire' Saisies plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical Remote Code Execution RCE vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the server. Users should immediately update to version 5.11.1 or later...
CVE-2025-71243
SPIP Saisies plugin 5.4.0–5.11.0 is affected by an unauthenticated remote code execution vulnerability. The _anciennes_valeurs parameter is injected into a hidden field and, because SPIP renders it with interdire_scripts = false and the template is evaluated via PHP, injected PHP is executed on t...
CVE-2025-71243
The 'Saisies pour formulaire' Saisies plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical Remote Code Execution RCE vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the server. Users should immediately update to version 5.11.1 or later...
CVE-2025-71243 SPIP Saisies Plugin < 5.11.1 Remote Code Execution
The 'Saisies pour formulaire' Saisies plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical Remote Code Execution RCE vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the server. Users should immediately update to version 5.11.1 or later...
PT-2026-20841
Name of the Vulnerable Software and Affected Versions SPIP Saisies plugin versions 5.4.0 through 5.11.0 Description The 'Saisies pour formulaire' Saisies plugin for SPIP contains a critical Remote Code Execution RCE issue. An attacker can exploit this issue to execute arbitrary code on the server...