SPIP Development Team

Short Name: SPIP
Previous Names: [None Entered]
URL: http://www.spip.net/ [visit link]
Email: spip-devrezo.net
Security URL: [None Entered]
Security Email: [None Entered]
Knowledge Base: [None Entered]
Notes: [No Notes]

Vulnerabilities by Vendor Product

SPIP Development Team

SPIP Development Team
SPIP Watch-list
1.8.2
OSVDB ID: 21864 SPIP spip_login.php3 XSS
OSVDB ID: 21865 SPIP spip_pass.php3 XSS
1.8.2
OSVDB ID: 22849 SPIP index.php3 lang Parameter XSS
1.8.2-e
OSVDB ID: 22845 SPIP forum.php3 Multiple Parameter SQL Injection
OSVDB ID: 22848 SPIP Session Handling Petition Posting Multiple Unspecified SQL Injection
OSVDB ID: 22844 SPIP Administrative Area Multiple Unspecified SQL Injection
1.9 Alpha 2 (5539)
OSVDB ID: 22845 SPIP forum.php3 Multiple Parameter SQL Injection
1.8.2g
OSVDB ID: 23086 SPIP spip_rss.php type_urls Parameter Traversal Local File Inclusion
OSVDB ID: 23087 SPIP spip_acces_doc.php3 file Parameter SQL Injection
1.8.3
OSVDB ID: 24630 SPIP spip_login.php3 url Variable Arbitrary Site Redirect
2.1.0
OSVDB ID: 66760 SPIP prive/informer_auteur_fonctions.php var_login Parameter XSS
2.1.7
OSVDB ID: 70491 SPIP Multiple Unspecified Critical Issue
2.1.7
OSVDB ID: 70490 SPIP spip.php op Parameter Traversal Local File Inclusion
2.0.17
OSVDB ID: 81473 SPIP Multiple Unspecified XSS
2.1.12
OSVDB ID: 81473 SPIP Multiple Unspecified XSS
1.9.2n
OSVDB ID: 81473 SPIP Multiple Unspecified XSS
2.0.20
OSVDB ID: 83543 SPIP connect Parameter Remote PHP Code Execution
2.1.15
OSVDB ID: 83543 SPIP connect Parameter Remote PHP Code Execution
3.0.2
OSVDB ID: 83543 SPIP connect Parameter Remote PHP Code Execution
1.9.2n
OSVDB ID: 84756 SPIP Multiple Unspecified Issues
2.0.17
OSVDB ID: 84756 SPIP Multiple Unspecified Issues
2.1.12
OSVDB ID: 84756 SPIP Multiple Unspecified Issues
2.1.6
OSVDB ID: 70491 SPIP Multiple Unspecified Critical Issue
2.1.7
OSVDB ID: 91124 SPIP Multiple Unspecified Issues
2.1.6
OSVDB ID: 91124 SPIP Multiple Unspecified Issues
2.1.16-1
2.1.16
OSVDB ID: 91186 SPIP Base Name Disclosure
2.1.13
OSVDB ID: 91259 SPIP Unspecified XSS
2.1.1
OSVDB ID: 91325 SPIP Unspecified Configuration Script XSS
3.0.8
OSVDB ID: 93683 SPIP /inc/filtres.php Unspecified Editorial Control Privilege Escalation
2.1.21
OSVDB ID: 93683 SPIP /inc/filtres.php Unspecified Editorial Control Privilege Escalation
2.0.22
OSVDB ID: 93683 SPIP /inc/filtres.php Unspecified Editorial Control Privilege Escalation
2.1.23
OSVDB ID: 99683 SPIP /prive/formulaires/editer_auteur.php url_site Parameter XSS
OSVDB ID: 99682 SPIP /ecrire/action/logout.php Logout Handling CSRF
3.0.11
OSVDB ID: 99683 SPIP /prive/formulaires/editer_auteur.php url_site Parameter XSS
OSVDB ID: 99682 SPIP /ecrire/action/logout.php Logout Handling CSRF
OSVDB ID: 102441 SPIP Author Name Field Stored XSS
2.1.24
OSVDB ID: 99683 SPIP /prive/formulaires/editer_auteur.php url_site Parameter XSS
OSVDB ID: 99682 SPIP /ecrire/action/logout.php Logout Handling CSRF
3.0.13
OSVDB ID: 99683 SPIP /prive/formulaires/editer_auteur.php url_site Parameter XSS
OSVDB ID: 99682 SPIP /ecrire/action/logout.php Logout Handling CSRF
OSVDB ID: 102441 SPIP Author Name Field Stored XSS
2.1.23
3.0.11
2.1.24
3.0.13
2.1.23
OSVDB ID: 99684 SPIP _core_/securite/ecran_securite.php connect Parameter Remote Code Execution
3.0.11
OSVDB ID: 99684 SPIP _core_/securite/ecran_securite.php connect Parameter Remote Code Execution
2.1.24
OSVDB ID: 99684 SPIP _core_/securite/ecran_securite.php connect Parameter Remote Code Execution
3.0.13
OSVDB ID: 99684 SPIP _core_/securite/ecran_securite.php connect Parameter Remote Code Execution
3.0.13
2.1.25
OSVDB ID: 102441 SPIP Author Name Field Stored XSS
3.0.11
2.1.24
OSVDB ID: 102441 SPIP Author Name Field Stored XSS
2.0.25
OSVDB ID: 105370 SPIP TextWheel Plugin User Registration Unspecified Stored XSS
2.1.26
OSVDB ID: 105370 SPIP TextWheel Plugin User Registration Unspecified Stored XSS
3.0.16
OSVDB ID: 105370 SPIP TextWheel Plugin User Registration Unspecified Stored XSS
2.0.24
OSVDB ID: 105370 SPIP TextWheel Plugin User Registration Unspecified Stored XSS
2.1.25
OSVDB ID: 105370 SPIP TextWheel Plugin User Registration Unspecified Stored XSS
3.0.15
OSVDB ID: 105370 SPIP TextWheel Plugin User Registration Unspecified Stored XSS
2.0.25
OSVDB ID: 105371 SPIP quete.php calcul_exposer() Function SQL Injection Weakness
2.1.26
OSVDB ID: 105371 SPIP quete.php calcul_exposer() Function SQL Injection Weakness
3.0.16
OSVDB ID: 105371 SPIP quete.php calcul_exposer() Function SQL Injection Weakness
2.0.24
OSVDB ID: 105371 SPIP quete.php calcul_exposer() Function SQL Injection Weakness
2.1.25
OSVDB ID: 105371 SPIP quete.php calcul_exposer() Function SQL Injection Weakness
3.0.15
OSVDB ID: 105371 SPIP quete.php calcul_exposer() Function SQL Injection Weakness
2.0.25
OSVDB ID: 105374 SPIP utils.php Log Messages PHP Code Injection Weakness
2.1.26
OSVDB ID: 105374 SPIP utils.php Log Messages PHP Code Injection Weakness
3.0.16
OSVDB ID: 105374 SPIP utils.php Log Messages PHP Code Injection Weakness
2.0.24
OSVDB ID: 105374 SPIP utils.php Log Messages PHP Code Injection Weakness
2.1.25
OSVDB ID: 105374 SPIP utils.php Log Messages PHP Code Injection Weakness
3.0.15
OSVDB ID: 105374 SPIP utils.php Log Messages PHP Code Injection Weakness



The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use