4 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-24258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the oups parameter. This vulnerability allows attackers to execute arbitrary...
Debian dla-3347 : spip - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3347 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3347-1 [email protected] https://www.debian.org/lts/security/...
CVE-2023-24258
SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request...
CVE-2023-24258
CVE-2023-24258 concerns SPIP. Affected: SPIP v4.1.5 and earlier. Root cause: SQL injection via the _oups parameter, enabling an attacker to execute arbitrary code through a crafted POST request. Impact: high/critical affected components, with remote code execution possible. Connected sources also...