# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2022-28960 |
94 |
|
Exec Code |
2022-05-19 |
2022-05-26 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire. |
2 |
CVE-2022-26846 |
|
|
Exec Code |
2022-03-10 |
2022-03-18 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code. |
3 |
CVE-2021-44123 |
434 |
|
Exec Code |
2022-01-26 |
2022-02-02 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it. |
4 |
CVE-2021-44122 |
352 |
|
Exec Code XSS CSRF |
2022-01-26 |
2022-02-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire_.php. To exploit the vulnerability, a visitor must visit a malicious website which redirects to the SPIP website. It is also possible to combine XSS vulnerabilities in SPIP 4.0.0 to exploit it. The vulnerability allows an authenticated attacker to execute malicious code without the knowledge of the user on the website (CSRF). |
5 |
CVE-2021-44120 |
79 |
|
Exec Code XSS |
2022-01-26 |
2022-02-01 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site and wants to read the author's information, the malicious code will be executed. The "Who are you" and "Website Name" fields are vulnerable. |
6 |
CVE-2019-11071 |
20 |
|
Exec Code |
2019-04-10 |
2020-09-28 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled. |
7 |
CVE-2017-9736 |
78 |
|
Exec Code |
2017-06-17 |
2017-11-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution. |
8 |
CVE-2016-7998 |
20 |
|
Exec Code |
2017-01-18 |
2017-05-24 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action. |
9 |
CVE-2016-7980 |
352 |
|
Exec Code CSRF |
2017-01-18 |
2017-05-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted valider_xml request. NOTE: this issue can be combined with CVE-2016-7998 to execute arbitrary PHP code. |
10 |
CVE-2016-3154 |
94 |
|
Exec Code |
2016-04-08 |
2016-04-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object. |
11 |
CVE-2016-3153 |
94 |
|
Exec Code |
2016-04-08 |
2016-04-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to execute arbitrary PHP code by adding content, related to the filtrer_entites function. |
12 |
CVE-2008-5813 |
89 |
|
Exec Code Sql |
2009-01-02 |
2017-08-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information. |
13 |
CVE-2007-4525 |
94 |
|
Exec Code File Inclusion |
2007-08-25 |
2018-10-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
** DISPUTED ** PHP remote file inclusion vulnerability in inc-calcul.php3 in SPIP 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the squelette_cache parameter, a different vector than CVE-2006-1702. NOTE: this issue has been disputed by third party researchers, stating that the squelette_cache variable is initialized before use, and is only used within the scope of a function. |
14 |
CVE-2006-1702 |
|
|
Exec Code File Inclusion |
2006-04-11 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. |
15 |
CVE-2006-0626 |
|
|
Exec Code Sql |
2006-02-09 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter. |
16 |
CVE-2006-0625 |
|
|
Exec Code Dir. Trav. |
2006-02-09 |
2017-07-20 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resultant direct static code injection in the file parameter to spip_acces_doc.php3. |
17 |
CVE-2006-0517 |
|
|
Exec Code Sql |
2006-02-02 |
2018-10-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple SQL injection vulnerabilities in formulaires/inc-formulaire_forum.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id_forum, (2) id_article, or (3) id_breve parameters to forum.php3; (4) unspecified vectors related to "session handling"; and (5) when posting "petitions". |