CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Spip: >> Spip >> 2.1 Security Vulnerabilities

CVE-2013-7303

Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.

CVSS Score

4.3

EPSS Score

0.004

Published

2014-01-30

CVE-2012-4331

Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting (XSS), different vulnerabilities than CVE-2012-2151.

CVSS Score

10.0

EPSS Score

0.004

Published

2012-08-14

CVE-2012-2151

Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.004

Published

2012-08-14

Page 1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved