PHP remote file inclusion vulnerability in lang.php in SPiD before 1.3.1 allows remote attackers to execute arbitrary code via the lang_path parameter.
Threat-Mapped Scoring
Score: 1.8
Priority: P4 - Informational (Low)
S9 – Sabotage of System/App
EPSS
Score: 0.02961Percentile:
0.8592
CVSS Scoring
CVSS v2 Score: 7.5
Severity:
Affected Products
cpe:2.3:a:spid:spid:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:spid:spid:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:spid:spid:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:spid:spid:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:spid:spid:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:spid:spid:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:spid:spid:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:spid:spid:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:spid:spid:1.3.0:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me