Vulnerabilities > Spip > Spip > 1.9.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-14 | CVE-2012-4331 | Security vulnerability in SPIP Multiple Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting (XSS), different vulnerabilities than CVE-2012-2151. | 10.0 |
2012-08-14 | CVE-2012-2151 | Cross-Site Scripting vulnerability in Spip Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-01-02 | CVE-2008-5813 | SQL Injection vulnerability in Spip SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2009-01-02 | CVE-2008-5812 | Multiple Unspecified vulnerability in SPIP Versions Prior to 2.0.2 Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 have unknown impact and attack vectors. | 10.0 |