Zero-day Vulnerability Database

Change view:

Zero-day vulnerabilities discovered: 1

Improper access control in SPIP
CVE-2009-3041

Improper access control

The vulnerability allows a remote attacker to gain access to the target system.

The weakness exists due to improper access control related to installations and backups. A remote attacker can bypass implemented security control and compromise vulnerable website.

Successful exploitation of the vulnerability results in access to the vulnerable system.

Note: the vulnerability was being actively exploited.
i

The vulnerability was reported by vendor after successful compromise of vendor's website. The attackers hacked the website and were spreading malware.

Software: SPIP

The vulnerability was reported by vendor after successful compromise of vendor's website. The attackers hacked the website and were spreading malware.

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.