Update modules/exploits/multi/http/spip_porte_plume_previsu_rce.rb

Chocapikk · jvoisin · web-flow · commit 718c215b9607 · 2024-08-18T21:22:09.000+02:00
Co-authored-by: Julien Voisin &lt;jvoisin@users.noreply.github.com&gt;
diff --git a/modules/exploits/multi/http/spip_porte_plume_previsu_rce.rb b/modules/exploits/multi/http/spip_porte_plume_previsu_rce.rb
@@ -19,8 +19,8 @@ def initialize(info = {})
           This module exploits a Remote Code Execution vulnerability in SPIP versions up to and including 4.2.12.
           The vulnerability occurs in SPIP’s templating system where it incorrectly handles user-supplied input,
           allowing an attacker to inject and execute arbitrary PHP code. This can be achieved by crafting a
-          payload that manipulates the templating data processed by the `echappe_retour()` function, which invokes
-          `traitements_previsu_php_modeles_eval()`, containing an `eval()` call.
+          payload manipulating the templating data processed by the `echappe_retour()` function, invoking
+          `traitements_previsu_php_modeles_eval()`, which contains an `eval()` call.
         },
         'Author' => [
           'Valentin Lobstein',  # Metasploit module author
