Lucene search
K

4 matches found

Prion
Prion
added 2006/02/09 6:6 p.m.13 views

Sql injection

SQL injection vulnerability in spipaccesdoc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter...

7.5CVSS9AI score0.01285EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2006/02/09 6:6 p.m.14 views

Directory traversal

Directory traversal vulnerability in SpipRSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALStypeurls parameter, which could then be used to execute arbitrary code via resultant direct static code injection in the file...

6.4CVSS8.4AI score0.04769EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/02/09 6:0 p.m.20 views

CVE-2006-0625

Directory traversal vulnerability in SpipRSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALStypeurls parameter, which could then be used to execute arbitrary code via resultant direct static code injection in the file...

7.8AI score0.04769EPSS
Exploits1References7
exploitpack
exploitpack
added 2006/02/08 12:0 a.m.18 views

SPIP 1.8.2g - Remote Command Execution

SPIP 1.8.2g - Remote Command Execution this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Fighting with a large army under your command is nowise different from fighting with a small one: it is merely a question of instituting...

7.7AI score
Exploits0
Rows per page
Query Builder