cpe:/a:spip:spip:1.8 cpe:/a:spip:spip:1.8.1 cpe:/a:spip:spip:1.8.2 cpe:/a:spip:spip:1.8.2b cpe:/a:spip:spip:1.8.3 cpe:/a:spip:spip:1.8b1 cpe:/a:spip:spip:1.8b2 cpe:/a:spip:spip:1.8b3 cpe:/a:spip:spip:1.8b4 cpe:/a:spip:spip:1.8b5 cpe:/a:spip:spip:1.8b6 cpe:/a:spip:spip:1.9.0 cpe:/a:spip:spip:1.9.1:rev7385 cpe:/a:spip:spip:1.9.1:rev7502 cpe:/a:spip:spip:1.9.2 cpe:/a:spip:spip:1.9.2f cpe:/a:spip:spip:2.0.0 cpe:/a:spip:spip:2.0.1 CVE-2008-5813 2009-01-02T13:11:09.610-05:00 2017-08-07T21:33:33.343-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-01-05T09:04:00.000-05:00 ALLOWS_OTHER_ACCESS BID 33021 BID 33061 SECUNIA 33307 CONFIRM http://www.spip-contrib.net/SPIP-1-8-3b-1-9-2g-2-2 XF spip-multiple-unspecified(47695) XF spip-rubriques-sql-injection(47626) SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information.