Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spip spip 3.1.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-9736
SPIP 3.1.x prior to 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote malicious user to cause remote code execution.
Spip Spip 3.1.0
Spip Spip 3.2.0
Spip Spip 3.1.5
Spip Spip 3.1.4
Spip Spip 3.2
Spip Spip 3.1.3
Spip Spip 3.1.1
Spip Spip 3.1.2
6.1
CVSSv3
CVE-2016-9997
SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter, as demonstrated by a /ecrire/?exec=puce_statut URL.
Spip Spip 3.1.0
Spip Spip 3.1.3
Spip Spip 3.1.1
Spip Spip 3.1.2
6.1
CVSSv3
CVE-2016-9998
SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL.
Spip Spip 3.1.0
Spip Spip 3.1.3
Spip Spip 3.1.1
Spip Spip 3.1.2
6.1
CVSSv3
CVE-2016-9152
Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote malicious users to inject arbitrary web script or HTML via the rac parameter.
Spip Spip 3.1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started