Published: 09/02/2006 Updated: 20/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and previous versions allows remote malicious users to execute arbitrary SQL commands via the file parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
spip spip 1.8.2g

Debian Bug report logs - #352077 spip: SQL injection vulnerability in SPIP Spip_acces_docPHP Package: spip; Maintainer for spip is David Prévot <taffit@debianorg>; Source for spip is src:spip (PTS, buildd, popcon) Reported by: Micah Anderson <micah@debianorg> Date: Thu, 9 Feb 2006 16:18:42 UTC Severity: normal ...

<?php # ---spip_182g_shell_inj_xplphp 1733 08/02/2006 # # # # SPIP <= 182g remote commands execution # # coded by rgod # # ...

NVD-CWE-Other http://retrogod.altervista.org/spip_182g_shell_inj_xpl.html http://www.securityfocus.com/bid/16551 http://www.osvdb.org/23087 http://securitytracker.com/id?1015602 http://secunia.com/advisories/18676 http://www.vupen.com/english/advisories/2006/0483 https://exchange.xforce.ibmcloud.com/vulnerabilities/24599 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352077 https://nvd.nist.gov https://www.exploit-db.com/exploits/1482/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-0626

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect