CVE-2016-7982

HIGH

SPIP < 3.1.2 - Path Traversal via var_url Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-7982. PoCs published by Sysdream.

AI-analyzed exploit summary This exploit demonstrates a path traversal vulnerability in SPIP versions <= 3.1.2, allowing remote attackers to enumerate files on the system via the `valider_xml` endpoint. The PoC includes bypass techniques for SPIP 3.1.2 using PHP wrappers.

Description

Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Sysdream · textwebappsphp

https://www.exploit-db.com/exploits/40596

View Code ZIP pw:eip

This exploit demonstrates a path traversal vulnerability in SPIP versions <= 3.1.2, allowing remote attackers to enumerate files on the system via the `valider_xml` endpoint. The PoC includes bypass techniques for SPIP 3.1.2 using PHP wrappers.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: SPIP <= 3.1.2

No auth needed

Prerequisites: Access to the `valider_xml` endpoint

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/93451

Issue Tracking, Patch, Vendor Advisory x_refsource_confirm

https://core.spip.net/projects/spip/repository/revisions/23200

Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2016/10/06/6

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2016/10/05/17

Various Sources x_refsource_misc

https://sysdream.com/news/lab/2016-10-19-spip-3-1-1-3-1-2-file-enumeration-path-traversal-cve-2016-7982/

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2016/10/12/8

Scores

CVSS v3 7.5

EPSS 0.2051

EPSS Percentile 97.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

spip/spip < 3.1.2

Published Jan 18, 2017

Tracked Since Feb 18, 2026