Lucene search
Ubuntu.comUB:CVE-2016-7980HistoryJan 18, 2017 - 12:00 a.m.
CVE-2016-7980
2017-01-1800:00:00
ubuntu.com
ubuntu.com
9
0.004 Low
EPSS
Percentile
73.4%
Cross-site request forgery (CSRF) vulnerability in
ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote
attackers to hijack the authentication of administrators for requests that
execute the XML validator on a local file via a crafted valider_xml
request. NOTE: this issue can be combined with CVE-2016-7998 to execute
arbitrary PHP code.
Related
osv
osv
CVE-2016-7980
2017-01-18 17:59:00
CVE-2016-7998
2017-01-18 17:59:01
spip - security update
2016-11-02 00:00:00
cve
cve
CVE-2016-7980
2017-01-18 17:59:00
CVE-2016-7998
2017-01-18 17:59:00
packetstorm
packetstorm
SPIP 3.1.2 Cross Site Request Forgery
2016-10-19 00:00:00
SPIP 3.1.2 Template Compiler / Composer PHP Code Execution
2016-10-20 00:00:00
debiancve
debiancve
CVE-2016-7980
2017-01-18 17:59:00
CVE-2016-7998
2017-01-18 17:59:00
prion
prion
Cross site request forgery (csrf)
2017-01-18 17:59:00
Deserialization of untrusted data
2017-01-18 17:59:00
cvelist
cvelist
CVE-2016-7980
2017-01-18 17:00:00
CVE-2016-7998
2017-01-18 17:00:00
exploitpack
exploitpack
SPIP 3.1.2 - Cross-Site Request Forgery
2016-10-20 00:00:00
SPIP 3.1.2 Template CompilerComposer - PHP Code Execution
2016-10-20 00:00:00
exploitdb
exploitdb
SPIP 3.1.2 - Cross-Site Request Forgery
2016-10-20 00:00:00
SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution
2016-10-20 00:00:00
zdt
zdt
SPIP 3.1.2 Template Compiler / Composer PHP Code Execution
2016-10-20 00:00:00
SPIP 3.1.2 Cross Site Request Forgery Vulnerability
2016-10-20 00:00:00
openvas
openvas
SPIP < 3.1.3 Multiple Vulnerabilities
2016-11-08 00:00:00
Debian: Security Advisory (DLA-695-1)
2023-03-08 00:00:00
debian
debian
[SECURITY] [DLA 695-1] spip security update
2016-11-02 22:00:21
ubuntucve
ubuntucve
CVE-2016-7998
2017-01-18 00:00:00
nessus
nessus
Debian DLA-695-1 : spip security update
2016-11-03 00:00:00