Main Vulnerability Database Exploits ID:4222 - Exploit for Input validation error in SPIP - CVE-2013-2118

ID:4222 - Exploit for Input validation error in SPIP - CVE-2013-2118

Published: August 11, 2020

Vulnerability identifier: #VU42737

Vulnerability risk: Medium

CVE-ID: CVE-2013-2118

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
SPIP

Link to public exploit:

https://www.exploit-db.com/exploits/33425/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.

Remediation

Install update from vendor's website.

ID:4222 - Exploit for Input validation error in SPIP - CVE-2013-2118

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human