The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spip spip 3.0.1 |
||
spip spip 3.0.0 |
||
spip spip 3.0.9 |
||
spip spip 3.0.8 |
||
spip spip 2.1.7 |
||
spip spip 2.1.6 |
||
spip spip 2.1.5 |
||
spip spip 2.1.4 |
||
spip spip 2.0.9 |
||
spip spip 2.0.8 |
||
spip spip 2.0.7 |
||
spip spip 2.0.6 |
||
spip spip 2.0.14 |
||
spip spip 2.0.13 |
||
spip spip 2.0.12 |
||
spip spip 2.0.11 |
||
spip spip 3.1.0 |
||
spip spip 3.0.14 |
||
spip spip 3.0.15 |
||
spip spip 3.0.16 |
||
spip spip 3.0.17 |
||
spip spip 2.1.17 |
||
spip spip 2.1.16 |
||
spip spip 2.1.15 |
||
spip spip 2.1.14 |
||
spip spip 2.0.21 |
||
spip spip 2.0.20 |
||
spip spip 2.0.2 |
||
spip spip 2.0.19 |
||
spip spip 3.0.13 |
||
spip spip 3.0.10 |
||
spip spip 3.0.7 |
||
spip spip 3.0.5 |
||
spip spip 3.0.3 |
||
spip spip 3.0.19 |
||
spip spip 2.1.9 |
||
spip spip 2.1.2 |
||
spip spip 2.1.18 |
||
spip spip 2.1.13 |
||
spip spip 2.1.11 |
||
spip spip 2.1.1 |
||
spip spip 2.0.5 |
||
spip spip 2.0.3 |
||
spip spip 2.0.17 |
||
spip spip 2.0.15 |
||
spip spip 2.0.10 |
||
spip spip 2.0.0 |
||
spip spip 3.0.2 |
||
spip spip 3.0.11 |
||
spip spip 3.0.6 |
||
spip spip 3.0.4 |
||
spip spip 3.0.20 |
||
spip spip 2.1.8 |
||
spip spip 2.1.3 |
||
spip spip 2.1.19 |
||
spip spip 2.1.12 |
||
spip spip 2.1.10 |
||
spip spip 2.0.4 |
||
spip spip 2.0.22 |
||
spip spip 2.0.18 |
||
spip spip 2.0.16 |
||
spip spip 2.0.1 |