CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-16391
https://notcve.org/view.php?id=CVE-2019-16391
SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php. SPIP versiones anteriores a 3.1.11 y versiones 3.2 anteriores a 3.2.5, permite a visitantes autenticados modificar cualquier contenido publicado y ejecutar otras modificaciones en la base de datos. Esto está • https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-2-5-et-SPIP-3-1-11.html https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-2-5-et-SPIP-3-1-11.html?lang=fr https://git.spip.net/SPIP/spip/commit/187952ce85e73b52c2753f2d54fc2c44807b8f79 https://git.spip.net/SPIP/spip/commit/3cbc758400323ab006c00ea78eacdb8f76aa5f66 https://lists.debian.org/debian-lts-announce/2019/10/msg00038.html https://seclists.org/bugtraq/2019/Sep/40 https://usn.ubuntu •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-16392
https://notcve.org/view.php?id=CVE-2019-16392
SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. SPIP versiones anteriores a 3.1.11 y versiones 3.2 anteriores a 3.2.5, permite un ataque de tipo XSS del archivo prive/formulaires/login.php por medio de mensajes de error. • https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-2-5-et-SPIP-3-1-11.html https://git.spip.net/SPIP/spip/commit/3c12a82c7d9d4afd09e708748fa82e7836174028 https://lists.debian.org/debian-lts-announce/2019/10/msg00038.html https://seclists.org/bugtraq/2019/Sep/40 https://usn.ubuntu.com/4536-1 https://www.debian.org/security/2019/dsa-4532 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-16393
https://notcve.org/view.php?id=CVE-2019-16393
SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. SPIP versiones anteriores a 3.1.11 y versiones 3.2 anteriores a 3.2.5, maneja inapropiadamente las URL de redireccionamiento en el archivo ecrire/inc/headers.php con un carácter %0D,%0A o %20. • https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-2-5-et-SPIP-3-1-11.html https://core.spip.net/issues/4362 https://git.spip.net/SPIP/spip/commit/0b832408b0aabd5b94a81e261e9413c0f31a19f1 https://lists.debian.org/debian-lts-announce/2019/10/msg00038.html https://seclists.org/bugtraq/2019/Sep/40 https://usn.ubuntu.com/4536-1 https://www.debian.org/security/2019/dsa-4532 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 1CVE-2019-16394
https://notcve.org/view.php?id=CVE-2019-16394
SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers. SPIP versiones anteriores a 3.1.11 y versiones 3.2 anteriores a 3.2.5, proporciona diferentes mensajes de error desde la página password-reminder dependiendo de si existe una dirección de correo electrónico, que podría ayudar a atacantes para enumerar suscriptores. • https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-2-5-et-SPIP-3-1-11.html https://core.spip.net/issues/4171 https://lists.debian.org/debian-lts-announce/2019/10/msg00038.html https://seclists.org/bugtraq/2019/Sep/40 https://usn.ubuntu.com/4536-1 https://www.debian.org/security/2019/dsa-4532 https://zone.spip.net/trac/spip-zone/changeset/117577/spip-zone https://zone.spip.net/trac/spip-zone/changeset/117578/spip-zone • CWE-203: Observable Discrepancy •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11071
https://notcve.org/view.php?id=CVE-2019-11071
SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled. SPIP 3.1 versiones anteriores a 3.1.10 y 3.2 versiones anteriores a 3.2.4 permite a los visitantes autentificados ejecutar código arbitrario en el servidor host porque var_memotri se maneja de forma inadecuada. • https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html https://github.com/spip/SPIP/commit/3ef87c525bc0768c926646f999a54222b37b5d36 https://github.com/spip/SPIP/commit/824d17f424bf77d17af89c18c3dc807a3199567e https://github.com/spip/SPIP/compare/1e3872c...9861a47 https://usn.ubuntu.com/4536-1 https://www.debian.org/security/2019/dsa-4429 • CWE-20: Improper Input Validation •