SPIP Security Bypass and Arbitrary File Upload Vulnerability

SPIP is prone to multiple vulnerabilities because the application fails to adequately sanitize user-supplied input.

Attackers can leverage these issues to bypass certain security restrictions and to upload and execute arbitrary code in the context of the application.

These issues affect versions prior to SPIP 2.0.7 and 1.9.2h.


 

Privacy Statement
Copyright 2010, SecurityFocus