Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-4206

Malware in sbrugna...

9.8CVSS9.3AI score0.01835EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-31397

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.01299EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:43 p.m.9 views

CVE-2022-28960

A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the oups parameter at /ecrire...

8.8CVSS7.8AI score0.01821EPSS
Exploits1References1
Prion
Prion
added 2024/01/19 5:15 a.m.14 views

Design/Logic Flaw

SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js...

5.8CVSS5.9AI score0.00441EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/04 12:0 a.m.3 views

CVE-2023-52322

ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from request is not restricted to safe characters such as alphanumerics...

6AI score0.00439EPSS
Exploits0References3
OSV
OSV
added 2023/02/27 12:0 a.m.40 views

DLA-3347-1 spip - security update

Bulletin has no description...

9.8CVSS9.4AI score0.99637EPSS
Exploits24
OSV
OSV
added 2022/03/08 12:0 a.m.16 views

DSA-5093-1 spip - security update

Bulletin has no description...

8.8CVSS6.5AI score0.02879EPSS
Exploits0
OSV
OSV
added 2019/09/25 12:0 a.m.22 views

DSA-4532-1 spip - security update

Bulletin has no description...

6.5CVSS5.8AI score0.07538EPSS
Exploits2
Dsquare
Dsquare
added 2013/12/27 12:0 a.m.80 views

SPIP ecran_securite connect Parameter RCE

SPIP core/securite/ecransecurite.php connect Parameter Remote Code Execution Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

7.5CVSS0.9AI score0.25287EPSS
Exploits4References3
UbuntuCve
UbuntuCve
added 2013/11/18 2:55 a.m.26 views

CVE-2013-4555

Cross-site request forgery CSRF vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors...

6.8CVSS6AI score0.01233EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2009/09/01 6:4 p.m.15 views

CVE-2009-3041

SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for 1 ecrire/exec/install.php and 2 ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009...

7.5CVSS6.1AI score0.06589EPSS
Exploits2
Cvelist
Cvelist
added 2006/02/02 11:0 a.m.17 views

CVE-2006-0519

SPIP 1.8.2-e and earlier and 1.9 Alpha 2 5539 and earlier allows remote attackers to obtain sensitive information via a direct request to inc-messforum.php3, which reveals the path in an error message...

6AI score0.02106EPSS
Exploits0References4
Rows per page
Query Builder