CVE-2024-7954

This repository contains a Python-based exploit for CVE-2024-7954, targeting an unauthenticated RCE vulnerability in SPIP's templating system via the `echappe_retour()` function and `eval()` call. The exploit includes payload preparation, command execution, and an interactive shell.

This PoC demonstrates an arbitrary code execution vulnerability in the porte_plume plugin used by SPIP versions before 4.30-alpha2, 4.2.13, and 4.1.16. The exploit involves sending a crafted HTTP POST request to execute arbitrary PHP code as the SPIP user.

This is a functional exploit for CVE-2024-7954, targeting SPIP 4.2.8 with unauthenticated remote command execution via a crafted POST request to the `porte_plume_previsu` endpoint. The script supports both single-target and bulk scanning modes.

This PoC demonstrates an arbitrary code execution vulnerability in the porte_plume plugin for SPIP. The exploit involves sending a crafted HTTP POST request with a malicious payload to execute arbitrary PHP code.

This PoC demonstrates an arbitrary code execution vulnerability in the porte_plume plugin for SPIP. The exploit involves sending a crafted HTTP POST request with embedded PHP code to execute system commands, such as 'cat /etc/passwd'.

This repository contains a detailed writeup and proof-of-concept for CVE-2024-7954, a critical Remote Code Execution (RCE) vulnerability in the SPIP CMS porte_plume plugin. The writeup describes the exploitation process, including reconnaissance, automated scanning, and manual validation, leading to unauthenticated RCE via crafted HTTP POST requests.

This repository contains a functional Python exploit for CVE-2024-7954, targeting SPIP CMS version 4.2.8. The exploit leverages unauthenticated RCE via the `porte_plume_previsu` endpoint by injecting PHP code through crafted image tags.

This repository provides a working proof-of-concept for CVE-2024-7954, an RCE vulnerability in the porte_plume plugin of SPIP versions prior to 4.30-alpha2, 4.2.13, and 4.1.16. The exploit involves a crafted POST request to execute arbitrary PHP code via the data parameter.

The repository describes an arbitrary code execution vulnerability in the porte_plume plugin of SPIP versions before 4.30-alpha2, 4.2.13, and 4.1.16. It states that unauthenticated attackers can execute arbitrary PHP code via crafted HTTP requests.

This Metasploit module exploits a Remote Code Execution vulnerability in SPIP versions up to 4.2.12 via the porte_plume plugin. It leverages improper input handling in the templating system to inject and execute arbitrary PHP code through an `eval()` call.