Spip
by Spip
Source repositories
CVEs (78)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-7954 | Cri | 0.74 | 9.8 | 0.90 | Aug 23, 2024 | The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. | ||
| CVE-2017-9736 | Cri | 0.64 | 9.8 | 0.03 | Jun 17, 2017 | SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution. | ||
| CVE-2016-3154 | Cri | 0.64 | 9.8 | 0.02 | Apr 8, 2016 | The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object. | ||
| CVE-2016-3153 | Cri | 0.64 | 9.8 | 0.02 | Apr 8, 2016 | SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to execute arbitrary PHP code by adding content, related to the filtrer_entites function. | ||
| CVE-2016-7998 | Hig | 0.61 | 8.8 | 0.14 | Jan 18, 2017 | The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action. | ||
| CVE-2016-7980 | Hig | 0.61 | 8.8 | 0.04 | Jan 18, 2017 | Cross-site request forgery (CSRF) vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted valider_xml request. NOTE:… | ||
| CVE-2026-8429 | Hig | 0.57 | 8.8 | 0.01 | May 12, 2026 | SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the private space that allows attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability to achieve code execution that bypasses the SPIP security… | ||
| CVE-2023-53900 | Hig | 0.57 | 8.8 | 0.00 | Dec 16, 2025 | Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload… | ||
| CVE-2026-8430 | Hig | 0.53 | 8.1 | 0.00 | May 12, 2026 | SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the public space that is limited to certain nginx configurations, allowing attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability through… | ||
| CVE-2016-7982 | Hig | 0.53 | 7.5 | 0.21 | Jan 18, 2017 | Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action. | ||
| CVE-2016-7999 | Hig | 0.48 | 7.4 | 0.02 | Jan 18, 2017 | ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action. | ||
| CVE-2026-33549 | Med | 0.44 | 6.7 | 0.00 | Mar 22, 2026 | SPIP 4.4.10 through 4.4.12 before 4.4.13 allows unintended privilege assignment (of administrator privileges) during the editing of an author data structure because of STATUT mishandling. | ||
| CVE-2017-15736 | Med | 0.40 | 6.1 | 0.01 | Oct 22, 2017 | Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/texte_mini.php. | ||
| CVE-2016-7981 | Med | 0.40 | 6.1 | 0.08 | Jan 18, 2017 | Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action. | ||
| CVE-2016-9998 | Med | 0.40 | 6.1 | 0.01 | Dec 17, 2016 | SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL. | ||
| CVE-2016-9997 | Med | 0.40 | 6.1 | 0.01 | Dec 17, 2016 | SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter, as demonstrated by a /ecrire/?exec=puce_statut URL. | ||
| CVE-2016-9152 | Med | 0.40 | 6.1 | 0.01 | Dec 5, 2016 | Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter. | ||
| CVE-2026-48832 | Low | 0.23 | 3.5 | 0.00 | May 24, 2026 | action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability. | ||
| CVE-2024-8517 | 0.10 | — | 0.95 | Sep 6, 2024 | SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. | |||
| CVE-2023-27372 | 0.10 | — | 1.00 | Feb 28, 2023 | SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. |
- risk 0.74cvss 9.8epss 0.90
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.
- risk 0.64cvss 9.8epss 0.03
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the host field, allowing a remote attacker to cause remote code execution.
- risk 0.64cvss 9.8epss 0.02
The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.
- risk 0.64cvss 9.8epss 0.02
SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to execute arbitrary PHP code by adding content, related to the filtrer_entites function.
- risk 0.61cvss 8.8epss 0.14
The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action.
- risk 0.61cvss 8.8epss 0.04
Cross-site request forgery (CSRF) vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted valider_xml request. NOTE:…
- risk 0.57cvss 8.8epss 0.01
SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the private space that allows attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability to achieve code execution that bypasses the SPIP security…
- risk 0.57cvss 8.8epss 0.00
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload…
- risk 0.53cvss 8.1epss 0.00
SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the public space that is limited to certain nginx configurations, allowing attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability through…
- risk 0.53cvss 7.5epss 0.21
Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action.
- risk 0.48cvss 7.4epss 0.02
ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action.
- risk 0.44cvss 6.7epss 0.00
SPIP 4.4.10 through 4.4.12 before 4.4.13 allows unintended privilege assignment (of administrator privileges) during the editing of an author data structure because of STATUT mishandling.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/texte_mini.php.
- risk 0.40cvss 6.1epss 0.08
Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
- risk 0.40cvss 6.1epss 0.01
SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL.
- risk 0.40cvss 6.1epss 0.01
SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter, as demonstrated by a /ecrire/?exec=puce_statut URL.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter.
- risk 0.23cvss 3.5epss 0.00
action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability.
- CVE-2024-8517Sep 6, 2024risk 0.10cvss —epss 0.95
SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request.
- CVE-2023-27372Feb 28, 2023risk 0.10cvss —epss 1.00
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.
Page 1 of 4