SPIP Porte Plume Plugin 漏洞列表

共找到 2 个与 SPIP Porte Plume Plugin 相关的漏洞

📅 加载漏洞趋势中...

CVE-2024-7954: SPIP Porte Plume Plugin rce POC

日期: 2025-09-01 | 影响软件: SPIP Porte Plume Plugin

fofa: app="SPIP" 在4.30-alpha2、4.2.13和4.1.16之前的SPIP中使用的porte_plume插件存在任意代码执行漏洞。远程且未经认证的攻击者可以通过发送特制的HTTP请求，以SPIP用户的身份执行任意PHP代码。
CVE-2024-7954: SPIP Porte Plume Plugin - Remote Code Execution POC

日期: 2025-08-01 | 影响软件: SPIP Porte Plume Plugin

The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.