fix: right versions in spip_porte_plume_previsu.rb

Chocapikk · Chocapikk · commit 4994ebbef5f6 · 2024-08-30T21:53:47.000+02:00
diff --git a/modules/exploits/multi/http/spip_porte_plume_previsu_rce.rb b/modules/exploits/multi/http/spip_porte_plume_previsu_rce.rb
@@ -77,11 +77,15 @@ def check
 
     print_status("SPIP Version detected: #{rversion}")
 
-    if rversion > Rex::Version.new('4.2.12')
+    if rversion >= Rex::Version.new('4.3.0-alpha2')
       return CheckCode::Safe("The detected SPIP version (#{rversion}) is not vulnerable.")
+    elsif rversion.between?(Rex::Version.new('4.2.0'), Rex::Version.new('4.2.12'))
+      return Exploit::CheckCode::Appears("The detected SPIP version (#{rversion}) is vulnerable.")
+    elsif rversion.between?(Rex::Version.new('4.1.0'), Rex::Version.new('4.1.15'))
+      return Exploit::CheckCode::Appears("The detected SPIP version (#{rversion}) is vulnerable.")
+    elsif rversion < Rex::Version.new('4.1.0')
+      return Exploit::CheckCode::Appears("The detected SPIP version (#{rversion}) is vulnerable.")
     end
-
-    return CheckCode::Appears("The detected SPIP version (#{rversion}) is vulnerable.")
   end
 
   def php_exec_cmd(encoded_payload)
