Spip : Security Vulnerabilities, CVEs, Published In 2017
Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/texte_mini.php.
Max CVSS
6.1
EPSS Score
0.18%
Published
2017-10-22
Updated
2020-09-28
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution.
Max CVSS
9.8
EPSS Score
2.81%
Published
2017-06-17
Updated
2017-11-04
ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action.
Max CVSS
7.4
EPSS Score
0.45%
Published
2017-01-18
Updated
2017-05-24
The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action.
Max CVSS
8.8
EPSS Score
0.93%
Published
2017-01-18
Updated
2017-05-24
Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action.
Max CVSS
7.5
EPSS Score
2.20%
Published
2017-01-18
Updated
2017-05-24
Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
Max CVSS
6.1
EPSS Score
0.26%
Published
2017-01-18
Updated
2017-01-23
Cross-site request forgery (CSRF) vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted valider_xml request. NOTE: this issue can be combined with CVE-2016-7998 to execute arbitrary PHP code.
Max CVSS
8.8
EPSS Score
0.40%
Published
2017-01-18
Updated
2017-05-24
7 vulnerabilities found