Vulnerabilities > Spip > Spip > 1.9.2g
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-01 | CVE-2009-3041 | Permissions, Privileges, and Access Controls vulnerability in Spip SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for (1) ecrire/exec/install.php and (2) ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009. | 7.5 |