CVE-2009-3041

EXPLOITED IN THE WILD

SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 - Unauthenticated Unauthorized Access via Install and Backup Endpoints

Title source: llm

Exploitation Summary

CVE-2009-3041 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including Kernel_Panik.

AI-analyzed exploit summary This exploit targets SPIP CMS versions before 2.0.9 by leveraging a directory traversal vulnerability to write arbitrary XML files. It chains multiple requests to extract a hash and save a file in an unintended location.

Description

SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for (1) ecrire/exec/install.php and (2) ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kernel_Panik · pythonwebappsphp

https://www.exploit-db.com/exploits/9448

View Code ZIP pw:eip

This exploit targets SPIP CMS versions before 2.0.9 by leveraging a directory traversal vulnerability to write arbitrary XML files. It chains multiple requests to extract a hash and save a file in an unintended location.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: SPIP CMS < 2.0.9

No auth needed

Prerequisites: Network access to the target SPIP instance · Write permissions in the target directory

MITRE ATT&CK

T1006 - Direct Volume Access T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/36008

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/52381

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36365

Patch, Vendor Advisory x_refsource_confirm

http://www.spip-contrib.net/SPIP-Security-Alert-new-version

Patch x_refsource_misc

http://fil.rezo.net/secu-14346-14350+14354.patch

Scores

EPSS 0.0384

EPSS Percentile 88.5%

Details

VulnCheck KEV 2009-08-06

InTheWild.io 2017-08-17

CWE

CWE-264

Status published

Products (17)

spip/spip 1.9 (2 CPE variants)

spip/spip 1.9.1

spip/spip 1.9.2c

spip/spip 1.9.2d

spip/spip 1.9.2g

spip/spip 1.9.2h

spip/spip 1.9.alpha1

spip/spip 2.0 rc1

spip/spip 2.0.0

spip/spip 2.0.1

... and 7 more

Published Sep 01, 2009

Tracked Since Feb 18, 2026