Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 5 Oct 2016 20:13:12 +0200
From: Sysdream Labs <labs@...dream.com>
To: oss-security@...ts.openwall.com
Cc: spip-team-owner@...o.net
Subject: SPIP vulnerabilities: request for 5 CVE

Hello,

We need 5 CVE ID for the following vulnerabilities found in SPIP <= 3.1.2 (http://www.spip.net/):

* Template Compiler/Composer PHP Code Execution
* Cross-Site Request Forgery
* Reflected Cross-Site Scripting
* File Enumeration / Path Traversal
* Server Side Request Forgery

Thank you in advance,


Best regards,

-- 
SYSDREAM Labs <labs@...dream.com>

GPG :
47D1 E124 C43E F992 2A2E
1551 8EB4 8CD9 D5B2 59A1

* Website: https://sysdream.com/
* Twitter: @sysdream



Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ