VYPR
Unrated severityNVD Advisory· Published Sep 6, 2024· Updated Nov 22, 2025

SPIP Bigup Multipart File Upload OS Command Injection

CVE-2024-8517

Description

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Spip/Spipllm-fuzzy2 versions
    <4.3.2+ 1 more
    • (no CPE)range: <4.3.2
    • (no CPE)range: 4.3.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.