← back
CVE-2013-4557

CVE-2013-4557

EPSS 25.3%
The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/55551https://www.debian.org/security/2013/dsa-2794http://www.openwall.com/lists/oss-security/2013/11/10/4http://www.securitytracker.com/id/1029317http://www.spip.net/fr_article5646.htmlhttp://www.spip.net/fr_article5648.htmlhttp://zone.spip.org/trac/spip-zone/changeset/75105/_core_/securite/ecran_securite.php