Linux Distros Unpatched Vulnerability : CVE-2019-16394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which...

SPIP information leakage vulnerability

SPIP is a Web-based content publishing system. The system is primarily used for online collaboration. An information disclosure vulnerability exists in SPIP versions prior to 3.1.11 and 3.2.2 prior to 3.2.5, which can be exploited by an attacker to enumerate subscribers...

DEBIAN-CVE-2019-16394

SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers...

UBUNTU-CVE-2019-16394

SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers...

CVE-2019-16394

SPIP (website engine) versions affected: 3.1.x prior to 3.1.11 and 3.2.x prior to 3.2.5. The issue is in the password reminder flow, where error messages differ depending on whether the provided e-mail exists, enabling potential user enumeration of subscribers. Root cause: non-homogeneous handlin...