SPIP v4.1.5 and previous versions exists to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows malicious users to execute arbitrary code via a crafted POST request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spip spip |