Exploit for Deserialization of Untrusted Data in Spip

April 28, 2025 invoker category_exploit

Exploit Details

Basic Information

Exploit Title	Exploit for Deserialization of Untrusted Data in Spip
Exploit ID	55FB0B2A-A7C3-561B-B018-F37F13559B7F
Type	githubexploit
Published	2025-04-28T13:48:32
Modified	2025-04-28T13:51:42

CVSS Information

CVSS Score	9.8
Severity	CRITICAL
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE Information

CVE-2023-27372

Exploit Description

SPIP CVE-2023-27372 Unauthenticated RCE Exploit (Web Shell Upload) This Python script exploits CVE-2023-27372, an unauthenticated remote code execution vulnerability in SPIP CMS versions prior to 4.2.1. It…

Exploit Code

View Full Exploit Details