CVE-2013-2118

Опубликовано: 09 июл. 2013

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:spip:spip:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:3.0.7:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:3.0.8:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:spip:spip:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.7:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.8:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.9:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.10:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.11:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.12:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.13:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.14:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.15:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.16:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.17:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.18:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.19:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.20:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.1.21:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:spip:spip:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.7:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.8:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.9:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.10:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.11:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.12:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.13:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.14:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.15:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.16:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.17:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.18:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.19:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.20:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.21:*:*:*:*:*:*:*

cpe:2.3:a:spip:spip:2.0.22:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.11956

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2013-2118

ubuntu

больше 12 лет назад

SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.

CVE-2013-2118

debian

больше 12 лет назад

SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 ...

GHSA-rvp2-88r9-jj4j

github

больше 3 лет назад

SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.

EPSS

Процентиль: 94%

0.11956

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo