5 matches found
CVE-2026-27747
The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated SQL injection vulnerability in interfacetraductionobjetspipelines.php. When handling translation requests, the plugin reads the idparent parameter from user-supplied input and concatenates it directly into ...
EUVD-2026-8605
The SPIP interfacetraductionobjets plugin versions prior to 4.3.3 contain an authenticated SQL injection vulnerability in interfacetraductionobjetspipelines.php. When handling translation requests, the plugin reads the idparent parameter from user-supplied input and concatenates it directly into ...
CVE-2026-27747
The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated SQL injection vulnerability in interfacetraductionobjetspipelines.php. When handling translation requests, the plugin reads the idparent parameter from user-supplied input and concatenates it directly into ...
CVE-2026-27747
The CVE concerns the SPIP plugin interface_traduction_objets (versions prior to 4.3.3). The vulnerability is an authenticated SQL injection in interface_traduction_objets_pipelines.php: the plugin reads the id_parent parameter from user input and directly concatenates it into a SQL WHERE clause i...
CVE-2026-27747
The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated SQL injection vulnerability in interfacetraductionobjetspipelines.php. When handling translation requests, the plugin reads the idparent parameter from user-supplied input and concatenates it directly into ...