Abyss-W4tcher/ab4yss-wr4iteups

Releases0

Stars3

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-24258 ↗	Feb 27, 2023Monday, 27 February 2023, 21:15	9.8 CRITICAL	—
SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request.
CVE-2022-37155 ↗	Dec 14, 2022Wednesday, 14 December 2022, 00:15	8.8 HIGH	—
RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter.