CVE-2013-4557

SPIP <3.0.12 - RCE

Title source: llm

Description

The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter.

Exploits (1)

metasploit · WORKING POC · EXCELLENT
by Arnaud Pachot, Frederic Cikala, Davy Douhine, Valentin Lobstein · ruby, poc, php
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spip_connect_exec.rb

Scores

EPSS 0.6949
EPSS Percentile 98.7%

Details

CWE
CWE-94
Status published
Products (12)
spip/spip 3.0.0
spip/spip 3.0.1
spip/spip 3.0.2
spip/spip 3.0.3
spip/spip 3.0.4
spip/spip 3.0.5
spip/spip 3.0.6
spip/spip 3.0.7
spip/spip 3.0.8
spip/spip 3.0.9
... and 2 more
Published Nov 18, 2013
Tracked Since Feb 18, 2026