Spip Vulnérabilités

Chronologie

L'année dernière

Version

3.1.214
3.1.113
3.1.012
3.2.011
3.2.111

Contre-mesures

Official Fix51
Temporary Fix0
Workaround0
Unavailable1
Not Defined7

Exploitabilité

High2
Functional1
Proof-of-Concept14
Unproven2
Not Defined40

Vecteur d'accès

Not Defined0
Physical0
Local0
Adjacent4
Network55

Authentification

Not Defined0
High0
Low18
None41

Interaction de l'utilisateur

Not Defined0
Required27
None32

C3BM Index

L'année dernière

CVSSv3 Base

≤10
≤20
≤30
≤44
≤512
≤68
≤710
≤818
≤94
≤103

CVSSv3 Temp

≤10
≤20
≤30
≤47
≤510
≤615
≤712
≤89
≤94
≤102

VulDB

≤10
≤20
≤30
≤46
≤515
≤65
≤713
≤814
≤93
≤103

NVD

≤10
≤20
≤30
≤40
≤50
≤61
≤711
≤82
≤94
≤106

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Fournisseur

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k13
<2k24
<5k22
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k59
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter le volume du marché

L'année dernière

🔴 CTI Activités

Affected Versions (112): 1.7.2, 1.8, 1.8.1, 1.8.2, 1.8.2b, 1.8.2d, 1.8.2e, 1.8.2g, 1.8.3, 1.8b1, 1.8b2, 1.8b3, 1.8b4, 1.8b5, 1.8b6, 1.9, 1.9 Alpha2 5539, 1.9.1, 1.9.2, 1.9.2c, 1.9.2d, 1.9.2f, 1.9.2g, 1.9.2h, 1.9.alpha1, 2, 2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.1, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.1.9, 3.1.11, 3.1.12, 3.1.13, 3.2, 3.2.0 Beta 2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.11, 3.2.12, 3.2.13, 3.2.14, 3.2.15, 3.2.16, 3.2.17, 4, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.11, 4.1.12, 4.1.13, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7

Type de logiciel: Content Management System

PubliéBaseTempVulnérabilité0dayAujourd'huiExpConCTICVE
19/01/20244.84.7SPIP File Upload bigup.js cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2024-23659
04/01/20244.84.7SPIP assembler.php _request cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-52322
01/03/20238.07.9SPIP Form Value elévation de privilèges$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-27372
28/02/20237.67.6SPIP POST Request sql injection$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2023-24258
14/12/20227.57.5SPIP GET Parameter Privilege Escalation$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-37155
20/05/20226.36.0SPIP ecrire sql injection$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-28961
20/05/20223.53.4SPIP spip.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.34CVE-2022-28959
20/05/20225.55.3SPIP ecrire elévation de privilèges$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-28960
11/03/20224.34.1SPIP Editorial Object divulgation de l'information$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-26847
11/03/20226.36.0SPIP Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.07CVE-2022-26846

49 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 49 results.

PrécédentAperçuSuivant

Do you need the next level of professionalism?

Upgrade your account now!