Share
## https://sploitus.com/exploit?id=SAINT:1C0C8831B4EEEFE0047732F52A14E102
Added: 06/23/2023  


### Background

SPIP is a web-based publishing system written in PHP. 

### Problem

Mishandling of serialized data in SPIP's password reset form allows remote attackers to execute arbitrary commands. 

### Resolution

Upgrade to SPIP 3.2.18, 4.0.10, 4.1.8, 4.2.1 or higher. 

### References

https://github.com/nuts7/CVE-2023-27372   


### Platforms

Linux