2 matches found
CVE-2026-27743
The CVE-2026-27743 entry describes an unauthenticated SQL injection in the SPIP referer_spam plugin prior to version 1.3.0. The vulnerable components are the referer_spam_ajouter and referer_spam_supprimer action handlers, which read the url parameter from a GET request and interpolate it directl...
PT-2026-21858
Name of the Vulnerable Software and Affected Versions SPIP referer spam plugin versions prior to 1.3.0 Description The referer spam plugin is susceptible to an unauthenticated SQL injection. This occurs because the plugin’s referer spam ajouter and referer spam supprimer action handlers directly...