Share
## https://sploitus.com/exploit?id=SAINT:62A93973BBA301F9EDE7C739AC37B72C
Added: 06/23/2023  


### Background

[SPIP](<https://www.spip.net>) is a web-based publishing system written in PHP. 

### Problem

Mishandling of serialized data in SPIP's password reset form allows remote attackers to execute arbitrary commands. 

### Resolution

[Upgrade](<https://www.spip.net/en_download>) to SPIP 3.2.18, 4.0.10, 4.1.8, 4.2.1 or higher. 

### References

<https://github.com/nuts7/CVE-2023-27372>  


### Platforms

Linux