Описание
SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for (1) ecrire/exec/install.php and (2) ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 2.0.9-1 |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | ignored | end of life |
| lucid | not-affected | 2.0.9-1 |
| maverick | not-affected | 2.0.9-1 |
| natty | not-affected | 2.0.9-1 |
| upstream | needs-triage |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for (1) ecrire/exec/install.php and (2) ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009.
SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper acc ...
SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for (1) ecrire/exec/install.php and (2) ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009.
7.5 High
CVSS2