| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-0517 | 7.5 |
Multiple SQL injection vulnerabilities in formulaires/inc-formulaire_forum.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id_forum, (2) id_article, or (3) id_br
|
19-10-2018 - 15:45 | 02-02-2006 - 11:02 | |
| CVE-2006-0519 | 5.0 |
SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to obtain sensitive information via a direct request to inc-messforum.php3, which reveals the path in an error message.
|
20-07-2017 - 01:29 | 02-02-2006 - 11:02 | |
| CVE-2006-0625 | 6.4 |
Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via re
|
20-07-2017 - 01:29 | 09-02-2006 - 18:06 | |
| CVE-2006-0518 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
|
20-07-2017 - 01:29 | 02-02-2006 - 11:02 | |
| CVE-2006-0626 | 7.5 |
SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter.
|
20-07-2017 - 01:29 | 09-02-2006 - 18:06 |