automatic module_metadata_base.json update

2023-04-17 14:56:35 -05:00 · 2023-04-17 14:56:35 -05:00 · e54d602d4c
parent db853f9a68
commit e54d602d4c
1 changed files with 63 additions and 0 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -114620,6 +114620,69 @@
    "session_types": false,
    "needs_cleanup": null
  },
+  "exploit_unix/webapp/spip_rce_form": {
+    "name": "SPIP form PHP Injection",
+    "fullname": "exploit/unix/webapp/spip_rce_form",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2023-02-27",
+    "type": "exploit",
+    "author": [
+      "coiffeur",
+      "Laluka",
+      "Julien Voisin"
+    ],
+    "description": "This module exploits a PHP code injection in SPIP. The vulnerability exists in the\n          oubli parameter and allows an unauthenticated user to execute arbitrary commands\n          with web user privileges. Branches 3.2, 4.0, 4.1 and 4.2 are concerned. Vulnerable versions\n          are <3.2.18, <4.0.10, <4.1.18 and <4.2.1.",
+    "references": [
+      "URL-https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-2-1-SPIP-4-1-8-SPIP-4-0-10-et.html",
+      "URL-https://therealcoiffeur.com/c11010",
+      "CVE-2023-27372"
+    ],
+    "platform": "Linux,PHP,Unix",
+    "arch": "php, cmd",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Automatic (PHP In-Memory)",
+      "Automatic (Unix In-Memory)"
+    ],
+    "mod_time": "2023-02-27 22:34:46 +0000",
+    "path": "/modules/exploits/unix/webapp/spip_rce_form.rb",
+    "is_install_path": true,
+    "ref_name": "unix/webapp/spip_rce_form",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
  "exploit_unix/webapp/squash_yaml_exec": {
    "name": "Squash YAML Code Execution",
    "fullname": "exploit/unix/webapp/squash_yaml_exec",