Suite au signalement d'une faille critique de sécurité, nous publions les versions SPIP 4.3.0-alpha2, 4.2.13, 4.1.16. Un grand merci à Laluka (Jacques-Chevallier Louka) pour le signalement. Ces…| SPIP Blog
Some more 0-day research done on Spip, includes preauth and postauth RCE. We're also welcoming our first guest-writer t0 that will introduce another post-auth RCE he found! Disclosing a bit late but hey, now it's there! :)| thinkloveshare.com
Vulnerability research write-up on spip, the web framework used by root-me.org. The issues found goes from XSS to RCE, passing by SQLi!| thinkloveshare.com