This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Spip First view 2006-02-02
Product Spip Last view 2019-12-17
Version 1.9.alpha1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:spip:spip

Activity : Overall

Related : CVE

  Date Alert Description
6.5 2019-12-17 CVE-2019-19830

_core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database.

5.3 2019-09-17 CVE-2019-16394

SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers.

6.1 2019-09-17 CVE-2019-16393

SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character.

6.1 2019-09-17 CVE-2019-16392

SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.

6.5 2019-09-17 CVE-2019-16391

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php.

8.8 2019-04-10 CVE-2019-11071

SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled.

6.1 2017-10-22 CVE-2017-15736

Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/texte_mini.php.

7.4 2017-01-18 CVE-2016-7999

ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action.

8.8 2017-01-18 CVE-2016-7998

The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action.

7.5 2017-01-18 CVE-2016-7982

Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action.

6.1 2017-01-18 CVE-2016-7981

Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.

8.8 2017-01-18 CVE-2016-7980

Cross-site request forgery (CSRF) vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted valider_xml request. NOTE: this issue can be combined with CVE-2016-7998 to execute arbitrary PHP code.

4.3 2014-01-30 CVE-2013-7303

Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.

4.3 2013-11-17 CVE-2013-4556

Cross-site scripting (XSS) vulnerability in the author page (prive/formulaires/editer_auteur.php) in SPIP before 2.1.24 and 3.0.x before 3.0.12 allows remote attackers to inject arbitrary web script or HTML via the url_site parameter.

6.8 2013-11-17 CVE-2013-4555

Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.

7.5 2009-09-01 CVE-2009-3041

SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for (1) ecrire/exec/install.php and (2) ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009.

5 2006-02-02 CVE-2006-0519

SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to obtain sensitive information via a direct request to inc-messforum.php3, which reveals the path in an error message.

4.3 2006-02-02 CVE-2006-0518

Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

7.5 2006-02-02 CVE-2006-0517

Multiple SQL injection vulnerabilities in formulaires/inc-formulaire_forum.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id_forum, (2) id_article, or (3) id_breve parameters to forum.php3; (4) unspecified vectors related to "session handling"; and (5) when posting "petitions".

CWE : Common Weakness Enumeration

%idName
35% (5) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
21% (3) CWE-20 Improper Input Validation
14% (2) CWE-352 Cross-Site Request Forgery (CSRF)
7% (1) CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
7% (1) CWE-264 Permissions, Privileges, and Access Controls
7% (1) CWE-200 Information Exposure
7% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Open Source Vulnerability Database (OSVDB)

id Description
57510 SPIP Database Backup Unspecified Authentication Bypass
22849 SPIP index.php3 lang Parameter XSS
22848 SPIP Session Handling Petition Posting Multiple Unspecified SQL Injection
22846 SPIP inc-messforum.php3 Direct Access Path Disclosure
22845 SPIP forum.php3 Multiple Parameter SQL Injection

OpenVAS Exploits

id Description
2006-03-26 Name : SPIP < 1.8.2-g SQL Injection and XSS Flaws
File : nvt/spip_sql_injection.nasl

Nessus® Vulnerability Scanner

id Description
2018-06-15 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4228.nasl - Type: ACT_GATHER_INFO
2016-11-03 Name: The remote Debian host is missing a security update.
File: debian_DLA-695.nasl - Type: ACT_GATHER_INFO
2013-11-21 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2794.nasl - Type: ACT_GATHER_INFO
2006-02-25 Name: The remote web server has a PHP application that is affected by multiple flaws.
File: spip_sql_injection.nasl - Type: ACT_GATHER_INFO