[ { "id": 840829976, "name": "CVE-2024-7954", "full_name": "Chocapikk\/CVE-2024-7954", "owner": { "login": "Chocapikk", "id": 88535377, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", "html_url": "https:\/\/github.com\/Chocapikk", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-7954", "description": "Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12", "fork": false, "created_at": "2024-08-10T20:15:41Z", "updated_at": "2024-12-25T19:00:23Z", "pushed_at": "2024-08-12T13:46:06Z", "stargazers_count": 10, "watchers_count": 10, "has_discussions": false, "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 4, "watchers": 10, "score": 0, "subscribers_count": 2 }, { "id": 848869603, "name": "CVE-2024-7954", "full_name": "bigb0x\/CVE-2024-7954", "owner": { "login": "bigb0x", "id": 13532434, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", "html_url": "https:\/\/github.com\/bigb0x", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-7954", "description": "This exploit will attempt to execute system commands on SPIP targets.", "fork": false, "created_at": "2024-08-28T14:54:56Z", "updated_at": "2024-09-18T22:48:10Z", "pushed_at": "2024-08-28T18:26:25Z", "stargazers_count": 5, "watchers_count": 5, "has_discussions": false, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 5, "score": 0, "subscribers_count": 1 }, { "id": 850636095, "name": "CVE-2024-7954-RCE", "full_name": "gh-ost00\/CVE-2024-7954-RCE", "owner": { "login": "gh-ost00", "id": 153366162, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", "html_url": "https:\/\/github.com\/gh-ost00", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-7954-RCE", "description": "Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12 ", "fork": false, "created_at": "2024-09-01T10:59:45Z", "updated_at": "2024-12-24T06:10:23Z", "pushed_at": "2024-09-01T11:07:15Z", "stargazers_count": 6, "watchers_count": 6, "has_discussions": false, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 6, "score": 0, "subscribers_count": 1 }, { "id": 861854729, "name": "RCE_CVE-2024-7954", "full_name": "TheCyberguy-17\/RCE_CVE-2024-7954", "owner": { "login": "TheCyberguy-17", "id": 182538709, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182538709?v=4", "html_url": "https:\/\/github.com\/TheCyberguy-17", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/TheCyberguy-17\/RCE_CVE-2024-7954", "description": null, "fork": false, "created_at": "2024-09-23T16:11:20Z", "updated_at": "2024-10-16T03:51:59Z", "pushed_at": "2024-09-23T16:27:12Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 2, "score": 0, "subscribers_count": 1 }, { "id": 867991834, "name": "RCE-CVE-2024-7954", "full_name": "MuhammadWaseem29\/RCE-CVE-2024-7954", "owner": { "login": "MuhammadWaseem29", "id": 161931698, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161931698?v=4", "html_url": "https:\/\/github.com\/MuhammadWaseem29", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/MuhammadWaseem29\/RCE-CVE-2024-7954", "description": null, "fork": false, "created_at": "2024-10-05T07:24:57Z", "updated_at": "2024-10-16T17:20:37Z", "pushed_at": "2024-10-05T07:55:00Z", "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 4, "score": 0, "subscribers_count": 1 }, { "id": 889221961, "name": "CVE-2024-7954", "full_name": "issamjr\/CVE-2024-7954", "owner": { "login": "issamjr", "id": 101994309, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", "html_url": "https:\/\/github.com\/issamjr", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/issamjr\/CVE-2024-7954", "description": "The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.", "fork": false, "created_at": "2024-11-15T21:08:47Z", "updated_at": "2024-11-15T22:51:47Z", "pushed_at": "2024-11-15T21:10:55Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 906301837, "name": "CVE-2024-7954POC", "full_name": "zxj-hub\/CVE-2024-7954POC", "owner": { "login": "zxj-hub", "id": 192207002, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192207002?v=4", "html_url": "https:\/\/github.com\/zxj-hub", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/zxj-hub\/CVE-2024-7954POC", "description": "SPIP 4.30-alpha2、4.2.13、4.1.16之前的版本使用的porte_plume插件存在任意代码执行漏洞,远程未经身份验证的攻击者可以通过发送精心设计的HTTP 请求以SPIP用户身份执行任意PHP代码。", "fork": false, "created_at": "2024-12-20T15:40:35Z", "updated_at": "2024-12-20T15:40:39Z", "pushed_at": "2024-12-20T15:40:36Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 909188493, "name": "RCE_CVE-2024-7954-", "full_name": "0dayan0n\/RCE_CVE-2024-7954-", "owner": { "login": "0dayan0n", "id": 170557167, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170557167?v=4", "html_url": "https:\/\/github.com\/0dayan0n", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/0dayan0n\/RCE_CVE-2024-7954-", "description": "The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. (CRITICAL)", "fork": false, "created_at": "2024-12-28T01:05:05Z", "updated_at": "2024-12-28T01:20:15Z", "pushed_at": "2024-12-28T01:20:12Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 } ]