The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of SPIP

SPIP: SQL injection
An attacker can use a SQL injection of SPIP, in order to read or alter data...
CVE-2019-19830, DSA-4583-1, VIGILANCE-VUL-31142
SPIP: code execution via ecrire var_memotri
An attacker can use a vulnerability via ecrire var_memotri of SPIP, in order to run code...
CVE-2019-11071, DSA-4429-1, VIGILANCE-VUL-28969
SPIP: multiple vulnerabilities
An attacker can use several vulnerabilities of SPIP...
VIGILANCE-VUL-28315
SPIP: vulnerability via valider_xml
A vulnerability via valider_xml() of SPIP was announced...
VIGILANCE-VUL-25596
SPIP: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of SPIP, in order to run JavaScript code in the context of the web site...
CVE-2017-15736, DSA-4228-1, VIGILANCE-VUL-24140
SPIP: code execution
An attacker can use a vulnerability of SPIP, in order to run code...
CVE-2017-9736, DSA-3890-1, VIGILANCE-VUL-22948
SPIP: code execution via balises.php
An attacker can use pages using #HTTP_HEADER on SPIP, in order to run PHP code...
CERTFR-2017-AVI-072, VIGILANCE-VUL-22023
SPIP: Cross Site Scripting via info_plugin.php
An attacker can trigger a Cross Site Scripting via info_plugin.php of SPIP, in order to run JavaScript code in the context of the web site...
CVE-2016-9998, DLA-760-1, VIGILANCE-VUL-21413
SPIP: Cross Site Scripting via puce_statut.php
An attacker can trigger a Cross Site Scripting via puce_statut.php of SPIP, in order to run JavaScript code in the context of the web site...
CVE-2016-9997, DLA-760-1, VIGILANCE-VUL-21412
SPIP: Cross Site Scripting via plonger.php
An attacker can trigger a Cross Site Scripting via plonger.php of SPIP, in order to run JavaScript code in the context of the web site...
CVE-2016-9152, DLA-738-1, VIGILANCE-VUL-21273
Our database contains other pages. You can request a free trial to read them.

Display information about SPIP: