Lucene search
K

7 matches found

Nuclei
Nuclei
added yesterday10 views

SPIP Saisies - Remote Code Execution

SPIP Saisies plugin 5.4.0 through 5.11.0 contains a remote code execution caused by an unspecified flaw, letting attackers execute arbitrary code on the server, exploit requires no special conditions. id: CVE-2025-71243 info: name: SPIP Saisies - Remote Code Execution author: omarkurt severity:...

9.8CVSS6.7AI score0.05126EPSS
Exploits5References4
Rapid7 Blog
Rapid7 Blog
added 2026/03/13 7:6 p.m.14 views

Metasploit Wrap-Up 03/13/2026

No bad luck here: Friday the 13th brings new modules and a Metasploit Pro milestone This week’s Metasploit Framework release delivers three new modules across reconnaissance, evasion, and exploitation: LeakIX-powered discovery for exposed services and leaked data, a Linux x64 RC4 payload packer f...

9.8CVSS5.8AI score0.05126EPSS
Exploits5
Packet Storm
Packet Storm
added 2026/03/10 12:0 a.m.125 views

📄 SPIP Saisies 5.11.0 Remote Code Execution

This Metasploit module exploits an unauthenticated PHP code injection in the SPIP Saisies plugin. The anciennesvaleurs form parameter is interpolated unsanitized into a hidden field rendered with interdirescripts=false, allowing direct PHP code execution via template eval. Exploitation requires a...

9.8CVSS6.2AI score0.05126EPSS
Exploits5
Metasploit
Metasploit
added 2026/03/09 6:57 p.m.302 views

SPIP Saisies Plugin Unauthenticated RCE

This module exploits an unauthenticated PHP code injection in the SPIP Saisies plugin CVE-2025-71243. The anciennesvaleurs form parameter is interpolated unsanitized into a hidden field rendered with interdirescripts=false, allowing direct PHP code execution via template eval. Exploitation requir...

9.8CVSS6.2AI score0.05126EPSS
Exploits5
Packet Storm
Packet Storm
added 2026/02/24 12:0 a.m.131 views

📄 SPIP Saisies 5.11.0 Remote Code Execution

This Metasploit module exploits a PHP code injection vulnerability in the Saisies plugin for SPIP. The vulnerability allows an attacker to inject and execute arbitrary PHP code through the vulnerable parameter anciennesvaleurs. Versions 5.4.0 through 5.11.0 are affected...

9.8CVSS6.1AI score0.05126EPSS
Exploits5
NVD
NVD
added 2026/02/19 4:27 p.m.8 views

CVE-2025-71243

The 'Saisies pour formulaire' Saisies plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical Remote Code Execution RCE vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the server. Users should immediately update to version 5.11.1 or later...

9.8CVSS0.05126EPSS
Exploits5References3
GithubExploit
GithubExploit
added 2026/02/19 4:13 p.m.240 views

Exploit for CVE-2025-71243

CVE-2025-71243 - SPIP Saisies Plugin Remote Code Execution...

9.8CVSS6.1AI score0.99637EPSS
Exploits27
Rows per page
Query Builder