nuts7 - Security Researcher - Exploit Intelligence Platform

CVE-2023-27372 NOMISEC CRITICAL WORKING POC

Spip < 3.2.18 - Insecure Deserialization

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

67 stars

CVSS 9.8

View Code

CVE-2023-27372 NOMISEC CRITICAL WORKING POC

Spip < 3.2.18 - Insecure Deserialization

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

2 stars

CVSS 9.8

View Code

CVE-2023-27372 NOMISEC CRITICAL WORKING POC

Spip < 3.2.18 - Insecure Deserialization

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

CVSS 9.8

View Code

CVE-2023-27372 EXPLOITDB CRITICAL python WORKING POC

Spip < 3.2.18 - Insecure Deserialization

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

CVSS 9.8

View Code