Arbitrary Code Execution Vulnerability in SPIP 3.1 and 3.2
CVE-2019-11071 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled.
Learn more about our Cis Benchmark Audit For Server Software.