3 matches found
CVE-2022-28960
A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the oups parameter at /ecrire...
CVE-2022-28960
A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the oups parameter at /ecrire...
CVE-2022-28960
CVE-2022-28960 affects SPIP before version 3.2.8, where the _oups parameter in /ecrire allows remote PHP code execution due to inadequate input handling. The issue is a PHP code injection vulnerability in SPIP’s administrative area, enabling an attacker to run arbitrary PHP on the server. Exploit...