Lucene search
K

36 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-30976

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.00628EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-30979

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.02396EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-30978

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00491EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-44120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An...

5.4CVSS5.5AI score0.00628EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-44118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerabili...

5.4CVSS5.6AI score0.00772EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-44123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double...

8.8CVSS8AI score0.02396EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-44122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP 4.0.0 is affected by a Cross Site Request Forgery CSRF vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire.ph...

8.8CVSS7.9AI score0.00491EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/02 12:0 a.m.39 views

Ubuntu 20.04 LTS : SPIP vulnerabilities (USN-5482-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5482-2 advisory. USN-5482-1 fixed several vulnerabilities in SPIP. This update provides the corresponding updates for Ubuntu 20.04 LTS for CVE-2021-44118, CVE-2021-44120,...

8.8CVSS6.7AI score0.02396EPSS
Exploits0References5
Veracode
Veracode
added 2022/02/07 10:32 p.m.25 views

Cross Site Scripting (XSS)

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site...

5.4CVSS1.6AI score0.00628EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/01/26 12:15 p.m.3 views

CVE-2021-44118

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to inject malicious code running on the client side into web pages visited by other users stored XSS...

5.4CVSS6.1AI score0.00772EPSS
Exploits0References4
NVD
NVD
added 2022/01/26 12:15 p.m.18 views

CVE-2021-44122

SPIP 4.0.0 is affected by a Cross Site Request Forgery CSRF vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire.php. To exploit the vulnerability, a visitor must visit a malicious website which redirects to the SPIP website. It is also possible to...

8.8CVSS0.00491EPSS
Exploits0References1
NVD
NVD
added 2022/01/26 12:15 p.m.23 views

CVE-2021-44118

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to inject malicious code running on the client side into web pages visited by other users stored XSS...

5.4CVSS0.00772EPSS
Exploits0References3
NVD
NVD
added 2022/01/26 12:15 p.m.27 views

CVE-2021-44123

SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it...

8.8CVSS0.02396EPSS
Exploits0References1
OSV
OSV
added 2022/01/26 12:15 p.m.16 views

CVE-2021-44123

SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it...

8.8CVSS7.6AI score
Exploits0References1
OSV
OSV
added 2022/01/26 12:15 p.m.16 views

CVE-2021-44122

SPIP 4.0.0 is affected by a Cross Site Request Forgery CSRF vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire.php. To exploit the vulnerability, a visitor must visit a malicious website which redirects to the SPIP website. It is also possible to...

8.8CVSS6.6AI score
Exploits0References1
OSV
OSV
added 2022/01/26 12:15 p.m.19 views

CVE-2021-44118

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to inject malicious code running on the client side into web pages visited by other users stored XSS...

5.4CVSS6AI score
Exploits0References3
OSV
OSV
added 2022/01/26 12:15 p.m.15 views

CVE-2021-44120

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site...

5.4CVSS6AI score
Exploits0References1
NVD
NVD
added 2022/01/26 12:15 p.m.22 views

CVE-2021-44120

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site...

5.4CVSS0.00628EPSS
Exploits0References1
Prion
Prion
added 2022/01/26 12:15 p.m.12 views

Cross site scripting

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site...

3.5CVSS5.3AI score0.00628EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2022/01/26 12:15 p.m.25 views

CVE-2021-44120

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site...

5.4CVSS6AI score0.00628EPSS
Exploits0References4
Rows per page
Query Builder