Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-42007 PoC — SPX 安全漏洞

Source
https://github.com/BubblyCola/CVE_2024_42007
Associated Vulnerability
Title:SPX 安全漏洞 (CVE-2024-42007)
Description:SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files.
Description
Python exploit for CVE-2024-42007 — a path traversal vulnerability in php-spx <= 0.4.15 that allows arbitrary file read via SPX_UI_URI parameter.
Readme
# CVE-2024-42007 - php-spx Path Traversal Exploit

This repository contains a Python 3 proof-of-concept (PoC) script for CVE-2024-42007.

**Vulnerability Summary:**
> php-spx <= 0.4.15 suffers from a path traversal vulnerability via the `SPX_UI_URI` parameter, allowing unauthenticated attackers to read arbitrary files from the server.

## 🚀 Usage
python3 CVE_2024_42007.py -t http://target -f /etc/passwd
File Snapshot

 [4.0K]  /data/pocs/f91d9fbfe8d278890ea549f8aa69560a7ae5e23a
├── [1.7K]  CVE_2024_42007.py
└── [ 410]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →