Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spip spip 3.0.17 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-15736
Cross-site scripting (XSS) vulnerability (stored) in SPIP prior to 3.1.7 allows remote malicious users to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/texte_mini.php.
Spip Spip
7.5
CVSSv2
CVE-2016-3153
SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to execute arbitrary PHP code by adding content, related to the filtrer_entites function.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Spip Spip 2.1.15
Spip Spip 3.0.3
Spip Spip 2.1.8
Spip Spip 2.0.0
Spip Spip 2.0.3
Spip Spip 2.0.6
Spip Spip 2.0.10
Spip Spip 3.0.8
Spip Spip 3.0.19
Spip Spip 2.1.17
Spip Spip 2.0.19
Spip Spip 2.1.4
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 2.0.12
Spip Spip 2.1.2
Spip Spip 2.0.16
Spip Spip 2.1.18
Spip Spip 2.1.5
Spip Spip 2.1.13
7.5
CVSSv2
CVE-2016-3154
The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.
Spip Spip 2.1.15
Spip Spip 3.0.3
Spip Spip 2.1.8
Spip Spip 2.0.0
Spip Spip 2.0.3
Spip Spip 2.0.6
Spip Spip 2.0.10
Spip Spip 3.0.8
Spip Spip 3.0.19
Spip Spip 2.1.17
Spip Spip 2.0.19
Spip Spip 2.1.4
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 2.1.19
Spip Spip 2.0.12
Spip Spip 2.1.2
Spip Spip 2.0.16
Spip Spip 2.1.18
Spip Spip 2.1.5
Spip Spip 2.1.13
Spip Spip 2.1.16
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267
XML injection
CVE-2024-37673
CVE-2024-6266
CVE-2024-30078
arbitrary
CVE-2024-36886
CVE-2024-5346
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started