7 matches found
[SECURITY] [DSA 3890-1] spip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3890-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 21, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3890-1] spip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3890-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 21, 2017 https://www.debian.org/security/faq -...
CVE-2017-9736
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution...
DEBIAN-CVE-2017-9736
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution...
CVE-2017-9736
CVE-2017-9736 affects SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3. The flaw arises from insufficient sanitisation of the host field, allowing remote code execution via crafted requests. Debian/DSA advisories indicate fixes are available in SPIP packages (e.g., SPIP 3.1.4-3~deb9u1 for stretch;...
CVE-2017-9736
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution...
CVE-2017-9736
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution...