Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spip spip 3.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4557
The Security Screen (_core_/securite/ecran_securite.php) prior to 1.1.8 for SPIP, as used in SPIP 3.0.x prior to 3.0.12, allows remote malicious users to execute arbitrary PHP via the connect parameter.
Spip Spip 3.0.3
Spip Spip 3.0.8
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 3.0.5
Spip Spip 3.0.10
Spip Spip 3.0.9
Spip Spip 3.0.2
Spip Spip 3.0.0
Spip Spip 3.0.6
Spip Spip 3.0.11
Spip Spip 3.0.1
NA
CVE-2013-2118
SPIP 3.0.x prior to 3.0.9, 2.1.x prior to 2.1.22, and 2.0.x prior to 2.0.23 allows remote malicious users to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
Spip Spip 3.0.3
Spip Spip 3.0.8
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 3.0.5
Spip Spip 3.0.2
Spip Spip 3.0.0
Spip Spip 3.0.6
Spip Spip 3.0.1
Spip Spip 2.1.15
Spip Spip 2.1.8
Spip Spip 2.1.17
Spip Spip 2.1.4
Spip Spip 2.1.19
Spip Spip 2.1.2
Spip Spip 2.1.18
Spip Spip 2.1.5
Spip Spip 2.1.13
Spip Spip 2.1.16
Spip Spip 2.1.10
Spip Spip 2.1.7
Spip Spip 2.1.14
1 EDB exploit
NA
CVE-2013-7303
Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP prior to 2.1.25 and 3.0.x prior to 3.0.13 allow remote malicious users to inject arbitrary web script or HTML via the author name f...
Spip Spip 2.1.15
Spip Spip 3.0.3
Spip Spip 2.0.3
Spip Spip 2.0.6
Spip Spip 2.0.10
Spip Spip 3.0.8
Spip Spip 2.1.17
Spip Spip 2.0.19
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 2.1.19
Spip Spip 2.0.12
Spip Spip 2.1.2
Spip Spip 2.0.16
Spip Spip 2.1.18
Spip Spip 2.1.13
Spip Spip 2.1.16
Spip Spip 3.0.5
Spip Spip 2.1.22
Spip Spip 2.1.10
Spip Spip 2.0.7
Spip Spip 3.0.10
NA
CVE-2013-4556
Cross-site scripting (XSS) vulnerability in the author page (prive/formulaires/editer_auteur.php) in SPIP prior to 2.1.24 and 3.0.x prior to 3.0.12 allows remote malicious users to inject arbitrary web script or HTML via the url_site parameter.
Spip Spip 2.1.15
Spip Spip 3.0.3
Spip Spip 2.1.8
Spip Spip 2.0.0
Spip Spip 2.0.3
Spip Spip 2.0.6
Spip Spip 2.0.10
Spip Spip 3.0.8
Spip Spip 2.1.17
Spip Spip 2.0.19
Spip Spip
Spip Spip 2.1.4
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 2.1.19
Spip Spip 2.0.12
Spip Spip 2.1.2
Spip Spip 2.0.16
Spip Spip 2.1.18
Spip Spip 2.1.5
Spip Spip 2.1.13
Spip Spip 2.1.16
9.8
CVSSv3
CVE-2016-3154
The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.
Spip Spip 2.1.15
Spip Spip 3.0.3
Spip Spip 2.1.8
Spip Spip 2.0.0
Spip Spip 2.0.3
Spip Spip 2.0.6
Spip Spip 2.0.10
Spip Spip 3.0.8
Spip Spip 3.0.19
Spip Spip 2.1.17
Spip Spip 2.0.19
Spip Spip 2.1.4
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 2.1.19
Spip Spip 2.0.12
Spip Spip 2.1.2
Spip Spip 2.0.16
Spip Spip 2.1.18
Spip Spip 2.1.5
Spip Spip 2.1.13
Spip Spip 2.1.16
9.8
CVSSv3
CVE-2016-3153
SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to execute arbitrary PHP code by adding content, related to the filtrer_entites function.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Spip Spip 2.1.15
Spip Spip 3.0.3
Spip Spip 2.1.8
Spip Spip 2.0.0
Spip Spip 2.0.3
Spip Spip 2.0.6
Spip Spip 2.0.10
Spip Spip 3.0.8
Spip Spip 3.0.19
Spip Spip 2.1.17
Spip Spip 2.0.19
Spip Spip 2.1.4
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 2.0.12
Spip Spip 2.1.2
Spip Spip 2.0.16
Spip Spip 2.1.18
Spip Spip 2.1.5
Spip Spip 2.1.13
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started