CVE-2013-2118
published 2013-07-09CVE-2013-2118: SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors…
PriorityP357high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
8.98%
94.6th percentile
SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
Affected
57 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | spip | < spip 2.1.22-1 (bullseye) | spip 2.1.22-1 (bullseye) |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
| spip | spip | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2013-2118: spip - SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows rem...
vendor_debian·2013·CVSS 7.5
CVE-2013-2118 [HIGH] CVE-2013-2118: spip - SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows rem...
SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
Scope: local
bullseye: resolved (fixed in 2.1.22-1)
forky: resolved (fixed in 2.1.22-1)
sid: resolved (fixed in 2.1.22-1)
trixie: resolved (fixed in 2.1.22-1)
GHSA
GHSA-rvp2-88r9-jj4j: SPIP 3
ghsa_unreviewed·2022-05-17
CVE-2013-2118 [HIGH] GHSA-rvp2-88r9-jj4j: SPIP 3
SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
OSV
CVE-2013-2118: SPIP 3
osv·2013-07-09·CVSS 7.5
CVE-2013-2118 [HIGH] CVE-2013-2118: SPIP 3
SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
No detection rules found.
No writeups or analysis indexed.
http://contrib.spip.net/SPIP-3-0-9-2-1-22-2-0-23-corrections-de-bug-et-faille?lang=frhttp://core.spip.org/projects/spip/repository/revisions/20541http://www.debian.org/security/2013/dsa-2694http://www.openwall.com/lists/oss-security/2013/05/27/2http://contrib.spip.net/SPIP-3-0-9-2-1-22-2-0-23-corrections-de-bug-et-faille?lang=frhttp://core.spip.org/projects/spip/repository/revisions/20541http://www.debian.org/security/2013/dsa-2694http://www.openwall.com/lists/oss-security/2013/05/27/2
2013-07-09
Published