CVE-2016-9997
https://notcve.org/view.php?id=CVE-2016-9997
SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter, as demonstrated by a /ecrire/?exec=puce_statut URL. SPIP 3.1.x sufre de una vulnerabilidad de XSS reflectada en /ecrire/exec/puce_statut.php involucrando el parámetro `$id`, según lo demostrado por una URL /ecrire/?exec=puce_statut. • http://www.securityfocus.com/bid/95008 http://www.securitytracker.com/id/1037486 https://core.spip.net/projects/spip/repository/revisions/23288 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-9998
https://notcve.org/view.php?id=CVE-2016-9998
SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL. SPIP 3.1.x sufre de una vulnerabilidad de XSS reflectada en /ecrire/exec/info_plugin.php involucrando el parámetro `$plugin`, según lo demostrado por una URL /ecrire/?exec=info_plugin. • http://www.securityfocus.com/bid/95008 http://www.securitytracker.com/id/1037486 https://core.spip.net/projects/spip/repository/revisions/23288 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-9152
https://notcve.org/view.php?id=CVE-2016-9152
Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter. Vulnerabilidad de XSS en ecrire/exec/plonger.php en SPIP 3.1.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro rac. • http://www.securityfocus.com/bid/94658 http://www.securitytracker.com/id/1037392 https://core.spip.net/projects/spip/repository/revisions/23290 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-7999 – SPIP 3.1.2 Server Side Request Forgery
https://notcve.org/view.php?id=CVE-2016-7999
ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action. Ecrire/exec/valider_xml.php en SPIP 3.1.2 y versiones anteriores permite a atacantes llevar a cabo ataques de SSRF a través de una URL en el parámetro var_url en una acción valider_xml. SPIP versions 3.1.2 and below suffer from a server-side request forgery vulnerability. • http://www.openwall.com/lists/oss-security/2016/10/05/17 http://www.openwall.com/lists/oss-security/2016/10/07/5 http://www.openwall.com/lists/oss-security/2016/10/08/6 http://www.openwall.com/lists/oss-security/2016/10/12/10 http://www.securityfocus.com/bid/93451 https://core.spip.net/projects/spip/repository/revisions/23188 https://core.spip.net/projects/spip/repository/revisions/23193 https://sysdream.com/news/lab/2016-10-19-spip-3-1-2-server-side • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2016-7998 – SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution
https://notcve.org/view.php?id=CVE-2016-7998
The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action. El compositor/compilador de plantillas de SPIP en SPIP 3.1.2 y versiones anteriores permite a usuarios remotos autentificados ejecutar código PHP arbitrario cargando un archivo HTML con una etiqueta INCLUDE (1) o INCLURE (2) manipulada y después accediendo a ella con una acción valider_xml. SPIP versions 3.1.2 and below suffer from a PHP code execution vulnerability. • https://www.exploit-db.com/exploits/40595 http://www.openwall.com/lists/oss-security/2016/10/05/17 http://www.openwall.com/lists/oss-security/2016/10/07/5 http://www.openwall.com/lists/oss-security/2016/10/08/6 http://www.securityfocus.com/bid/93451 https://core.spip.net/projects/spip/repository/revisions/23186 https://core.spip.net/projects/spip/repository/revisions/23189 https://core.spip.net/projects/spip/repository/revisions/23192 https://sysdream.com/news • CWE-20: Improper Input Validation •