Posted by Sysdream Labs on Oct 19

## SPIP 3.1.1/3.1.2 File Enumeration / Path Traversal (CVE-2016-7982)

### Product Description

SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments
and ease of use. It is free software, distributed under the GNU/GPL licence.

### Vulnerability Description

The `valider_xml` file can be used to enumerate files on the system.

**Access Vector**: remote

**Security Risk**: medium…