Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spip spip 1.8.2 vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2005-4494
Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) spip_login.php3 and (2) spip_pass.php3.
Spip Spip 1.8.2
10
CVSSv2
CVE-2008-5812
Multiple unspecified vulnerabilities in SPIP 1.8 prior to 1.8.3b, 1.9 prior to 1.9.2g, and 2.0 prior to 2.0.2 have unknown impact and attack vectors.
Spip Spip 1.8b6
Spip Spip 1.8.2
Spip Spip 1.9.2f
Spip Spip 2.0.0
Spip Spip 1.8b1
Spip Spip 1.8b2
Spip Spip 1.8b3
Spip Spip 1.9.0
Spip Spip 1.9.1
Spip Spip 1.8.1
Spip Spip 1.8
Spip Spip 1.8.2b
Spip Spip 1.8.3
Spip Spip 2.0.1
Spip Spip 1.8b4
Spip Spip 1.8b5
Spip Spip 1.9.2
7.5
CVSSv2
CVE-2008-5813
SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 prior to 1.8.3b, 1.9 prior to 1.9.2g, and 2.0 prior to 2.0.2 allows remote malicious users to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information.
Spip Spip 1.8
Spip Spip 1.8b1
Spip Spip 1.8.2b
Spip Spip 1.8.3
Spip Spip 2.0.1
Spip Spip 1.8b4
Spip Spip 1.8b5
Spip Spip 1.9.1
Spip Spip 1.9.2
Spip Spip 1.8b2
Spip Spip 1.8b3
Spip Spip 1.9.0
Spip Spip 1.8.1
Spip Spip 1.8b6
Spip Spip 1.8.2
Spip Spip 1.9.2f
Spip Spip 2.0.0
6.4
CVSSv2
CVE-2006-0625
Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and previous versions allows remote malicious users to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resulta...
Spip Spip 1.8.2d
Spip Spip 1.8.2e
Spip Spip 1.8.2g
1 EDB exploit
4.3
CVSSv2
CVE-2006-1295
Cross-site scripting (XSS) vulnerability in recherche.php3 in SPIP 1.8.2-g allows remote malicious users to inject arbitrary web script or HTML via the recherche parameter.
Spip Spip 1.8.2g
Spip Spip 1.8.2e
4.3
CVSSv2
CVE-2006-0518
Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e and previous versions and 1.9 Alpha 2 (5539) and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Spip Spip
1 EDB exploit
5
CVSSv2
CVE-2006-0519
SPIP 1.8.2-e and previous versions and 1.9 Alpha 2 (5539) and previous versions allows remote malicious users to obtain sensitive information via a direct request to inc-messforum.php3, which reveals the path in an error message.
Spip Spip
7.5
CVSSv2
CVE-2006-0517
Multiple SQL injection vulnerabilities in formulaires/inc-formulaire_forum.php3 in SPIP 1.8.2-e and previous versions and 1.9 Alpha 2 (5539) and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id_forum, (2) id_article, or (3) id_breve ...
Spip Spip
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started