Lucene search

8 matches found

CVE
added 2026/05/24 10:36 p.m., 11 views

CVE-2026-48832

The vulnerability affects SPIP’s ecrire component in SPIP prior to version 4.4.15, where action/cookie.php is prone to an open redirect. The underlying issue is an open redirect, allowing an attacker to redirect users to a malicious site via crafted input. Version 4.4.15 addresses this issue (as ...

CVSS 3.5, AI score 5.8, EPSS 0.00028
Exploits: 0, References: 3
ATTACKERKB
added 2026/02/25 3:8 a.m., 4 views

CVE-2026-27745

The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...

CVSS 8.8, AI score 6.3, EPSS 0.00158
Exploits: 0, References: 6
Vulnrichment
added 2026/02/19 6:39 p.m., 1 views

CVE-2026-27475 SPIP < 4.4.9 Insecure Deserialization

SPIP before 4.4.9 allows Insecure Deserialization in the public area through the table_valeur filter and the DATA iterator, which accept serialized data. An attacker who can place malicious serialized content (a pre-condition requiring prior access or another vulnerability) can trigger arbitrary...

CVSS 9.2, AI score 6, EPSS 0.00193
Exploits: 2, References: 3
CNNVD
added 2026/02/19 12:0 a.m., 4 views

SPIP Cross-Site Scripting Vulnerability

SPIP is an open-source software developed by SPIP for creating Internet websites. Versions prior to SPIP 4.3.6, 4.2.17, and 4.1.20 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleanup of error message content from the transmettre API, which could lead t...

CVSS 6.1, AI score 5.6, EPSS 0.00044
Exploits: 0, References: 3
ATTACKERKB
added 2022/05/19 9:15 p.m., 3 views

CVE-2022-28961

Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters...

CVSS 8.8, AI score 5.9, EPSS 0.00743
Exploits: 1, References: 6
OSV
added 2022/05/19 9:15 p.m., 1 views

DEBIAN-CVE-2022-28959

Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allow attackers to execute arbitrary web scripts or HTML...

CVSS 6.1, AI score 6.1, EPSS 0.02459
Exploits: 1, References: 1
OSV
added 2022/05/19 9:15 p.m., 0 views

UBUNTU-CVE-2022-28961

Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters...

CVSS 8.8, AI score 7.4, EPSS 0.00743
Exploits: 1, References: 9
Positive Technologies
added 2020/11/25 12:0 a.m., 1 views

PT-2022-19328

Name of the Vulnerable Software and Affected Versions: Spip Web Framework versions v3.1.13 and earlier. Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities are located at the "/ecrire" endpoint via the lier_trad and where parameters. Recommendations: For Spip...

CVSS 9.8, AI score 6.9, EPSS 0.93372
Exploits: 35, References: 33