Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-8828

Malware in sbrugna...

8.8CVSS8.6AI score0.04122EPSS
Exploits4References11
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-7982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in ecrire/exec/validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the...

7.5CVSS7.4AI score0.20515EPSS
Exploits4References2
UbuntuCve
UbuntuCve
added 2017/01/18 5:59 p.m.15 views

CVE-2016-7999

ecrire/exec/validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery SSRF attacks via a URL in the varurl parameter in a validerxml action...

7.4CVSS7.1AI score0.02299EPSS
Exploits2References1
OSV
OSV
added 2017/01/18 5:59 p.m.14 views

CVE-2016-7980

Cross-site request forgery CSRF vulnerability in ecrire/exec/validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted validerxml request. NOTE: this issue can be combin...

8.8CVSS9AI score0.04122EPSS
Exploits4References8
OSV
OSV
added 2017/01/18 5:59 p.m.2 views

DEBIAN-CVE-2016-7982

Directory traversal vulnerability in ecrire/exec/validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the varurl parameter in a validerxml action...

7.5CVSS7AI score0.20515EPSS
Exploits4References1
UbuntuCve
UbuntuCve
added 2017/01/18 5:59 p.m.18 views

CVE-2016-7980

Cross-site request forgery CSRF vulnerability in ecrire/exec/validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted validerxml request. NOTE: this issue can be combin...

8.8CVSS7.2AI score0.04122EPSS
Exploits4References3
UbuntuCve
UbuntuCve
added 2017/01/18 5:59 p.m.18 views

CVE-2016-7981

Cross-site scripting XSS vulnerability in validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the varurl parameter in a validerxml action...

6.1CVSS6.8AI score0.08216EPSS
Exploits2References4
CVE
CVE
added 2017/01/18 5:0 p.m.93 views

CVE-2016-7981

Summary: CVE-2016-7981 is an XSS vulnerability in SPIP 3.1.2 and earlier. The issue occurs in the valider_xml.php handler, where the var_url parameter in a valider_xml action can be exploited by remote attackers to inject arbitrary web script or HTML into victims’ browsers. This is confined to SP...

6.1CVSS6.1AI score0.08216EPSS
Exploits2References7Affected Software1
Cvelist
Cvelist
added 2017/01/18 5:0 p.m.32 views

CVE-2016-7998

The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted 1 INCLUDE or 2 INCLURE tag and then accessing it with a validerxml action...

8.6AI score0.13649EPSS
Exploits7References8
Debian CVE
Debian CVE
added 2017/01/18 5:0 p.m.22 views

CVE-2016-7999

ecrire/exec/validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery SSRF attacks via a URL in the varurl parameter in a validerxml action...

7.4CVSS7.5AI score0.02299EPSS
Exploits2
Debian CVE
Debian CVE
added 2017/01/18 5:0 p.m.24 views

CVE-2016-7980

Cross-site request forgery CSRF vulnerability in ecrire/exec/validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted validerxml request. NOTE: this issue can be combin...

8.8CVSS9.1AI score0.04122EPSS
Exploits4
Debian CVE
Debian CVE
added 2017/01/18 5:0 p.m.34 views

CVE-2016-7998

The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted 1 INCLUDE or 2 INCLURE tag and then accessing it with a validerxml action...

8.8CVSS8.7AI score0.13649EPSS
Exploits7
0day.today
0day.today
added 2016/10/20 12:0 a.m.85 views

SPIP 3.1.2 Cross Site Request Forgery Vulnerability

Exploit for php platform in category web applications SPIP 3.1.2 Exec Code Cross-Site Request Forgery CVE-2016-7980 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software,...

6.8CVSS8.6AI score0.13649EPSS
Exploits8
exploitpack
exploitpack
added 2016/10/20 12:0 a.m.39 views

SPIP 3.1.2 Template CompilerComposer - PHP Code Execution

SPIP 3.1.2 Template CompilerComposer - PHP Code Execution SPIP 3.1.2 Template Compiler/Composer PHP Code Execution CVE-2016-7998 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free...

6.5CVSS9AI score0.13649EPSS
Exploits7
Exploit DB
Exploit DB
added 2016/10/20 12:0 a.m.47 views

SPIP 3.1.2 - Cross-Site Request Forgery

SPIP 3.1.2 Exec Code Cross-Site Request Forgery CVE-2016-7980 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software, distributed under the GNU/GPL licence. Vulnerability...

8.8CVSS8.7AI score0.04122EPSS
Exploits4
Rows per page
Query Builder