Skip to content

Commit facd583

Browse files
msjenkins-r7msjenkins-r7
committed
automatic module_metadata_base.json update
1 parent f3a2205 commit facd583

File tree

1 file changed

+64
-0
lines changed

1 file changed

+64
-0
lines changed

db/modules_metadata_base.json

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -110355,6 +110355,70 @@
110355110355
"session_types": false,
110356110356
"needs_cleanup": null
110357110357
},
110358+
"exploit_multi/http/spip_porte_plume_previsu_rce": {
110359+
"name": "SPIP Unauthenticated RCE via porte_plume Plugin",
110360+
"fullname": "exploit/multi/http/spip_porte_plume_previsu_rce",
110361+
"aliases": [
110362+
110363+
],
110364+
"rank": 600,
110365+
"disclosure_date": "2024-08-16",
110366+
"type": "exploit",
110367+
"author": [
110368+
"Valentin Lobstein",
110369+
"Laluka",
110370+
"Julien Voisin"
110371+
],
110372+
"description": "This module exploits a Remote Code Execution vulnerability in SPIP versions up to and including 4.2.12.\n The vulnerability occurs in SPIP’s templating system where it incorrectly handles user-supplied input,\n allowing an attacker to inject and execute arbitrary PHP code. This can be achieved by crafting a\n payload manipulating the templating data processed by the `echappe_retour()` function, invoking\n `traitements_previsu_php_modeles_eval()`, which contains an `eval()` call.",
110373+
"references": [
110374+
"URL-https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-0-alpha2-SPIP-4-2-13-SPIP-4.html",
110375+
"URL-https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_1_the_feather"
110376+
],
110377+
"platform": "Linux,PHP,Unix,Windows",
110378+
"arch": "php, cmd",
110379+
"rport": 80,
110380+
"autofilter_ports": [
110381+
80,
110382+
8080,
110383+
443,
110384+
8000,
110385+
8888,
110386+
8880,
110387+
8008,
110388+
3000,
110389+
8443
110390+
],
110391+
"autofilter_services": [
110392+
"http",
110393+
"https"
110394+
],
110395+
"targets": [
110396+
"PHP In-Memory",
110397+
"Unix/Linux Command Shell",
110398+
"Windows Command Shell"
110399+
],
110400+
"mod_time": "2024-08-20 19:41:05 +0000",
110401+
"path": "/modules/exploits/multi/http/spip_porte_plume_previsu_rce.rb",
110402+
"is_install_path": true,
110403+
"ref_name": "multi/http/spip_porte_plume_previsu_rce",
110404+
"check": true,
110405+
"post_auth": false,
110406+
"default_credential": false,
110407+
"notes": {
110408+
"Stability": [
110409+
"crash-safe"
110410+
],
110411+
"Reliability": [
110412+
"repeatable-session"
110413+
],
110414+
"SideEffects": [
110415+
"ioc-in-logs",
110416+
"artifacts-on-disk"
110417+
]
110418+
},
110419+
"session_types": false,
110420+
"needs_cleanup": null
110421+
},
110358110422
"exploit_multi/http/splunk_mappy_exec": {
110359110423
"name": "Splunk Search Remote Code Execution",
110360110424
"fullname": "exploit/multi/http/splunk_mappy_exec",

0 commit comments

Comments
 (0)