Posted by Sysdream Labs on Oct 19

## SPIP 3.1.2 Template Compiler/Composer PHP Code Execution (CVE-2016-7998)

### Product Description

SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments
and ease of use. It is free software, distributed under the GNU/GPL licence.

### Vulnerability Description

The SPIP template composer/compiler does not correctly handle SPIP “INCLUDE/INCLURE” Tags, allowing PHP code…