Shodan
Vulnerabilities
Vulnerable Software
Spip:  >> Spip  >> 2.0.26  Security Vulnerabilities
CVE-2013-7303
Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.
CVSS Score
4.3
EPSS Score
0.004
Published
2014-01-30
CVE-2013-4555
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.002
Published
2013-11-18
CVE-2013-4556
Cross-site scripting (XSS) vulnerability in the author page (prive/formulaires/editer_auteur.php) in SPIP before 2.1.24 and 3.0.x before 3.0.12 allows remote attackers to inject arbitrary web script or HTML via the url_site parameter.
CVSS Score
4.3
EPSS Score
0.003
Published
2013-11-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved