SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 prior to 1.8.3b, 1.9 prior to 1.9.2g, and 2.0 prior to 2.0.2 allows remote malicious users to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spip spip 1.8 |
||
spip spip 1.8b1 |
||
spip spip 1.8.2b |
||
spip spip 1.8.3 |
||
spip spip 2.0.1 |
||
spip spip 1.8b4 |
||
spip spip 1.8b5 |
||
spip spip 1.9.1 |
||
spip spip 1.9.2 |
||
spip spip 1.8b2 |
||
spip spip 1.8b3 |
||
spip spip 1.9.0 |
||
spip spip 1.8.1 |
||
spip spip 1.8b6 |
||
spip spip 1.8.2 |
||
spip spip 1.9.2f |
||
spip spip 2.0.0 |