Download
| Alert*
oval:org.secpod.oval:def:67128
spip: website engine for publishing Several security issues were fixed in SPIP. oval:org.secpod.oval:def:603847 It was discovered that SPIP, a website engine for publishing, did not properly sanitize its user input. This would allow an authenticated user to perform arbitrary command execution. oval:org.secpod.oval:def:705655 spip: website engine for publishing Several security issues were fixed in SPIP. oval:org.secpod.oval:def:1901856 SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled. |