CVE-2026-27747
Authenticated SQL Injection in SPIP interface_traduction_objets Plugin

Publication date: 2026-02-25

Last updated on: 2026-03-02

Assigner: VulnCheck

Description
The SPIP interface_traduction_objets plugin versions prior to 2.2.2 contain an authenticated SQL injection vulnerability in interface_traduction_objets_pipelines.php. When handling translation requests, the plugin reads the id_parent parameter from user-supplied input and concatenates it directly into a SQL WHERE clause in a call to sql_getfetsel() without input validation or parameterization. An authenticated attacker with editor-level privileges can inject crafted SQL expressions into the id_parent parameter to manipulate the backend query. Successful exploitation can result in disclosure or modification of database contents and may lead to denial of service depending on the database configuration and privileges.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-02-25
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: spip
Product: interface_traduction_objets
Version / Range: up to 2.2.2 (exclusive)
CWE ID: CWE-89
Description: The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-27747 is an authenticated SQL injection vulnerability in the SPIP interface_traduction_objets plugin versions prior to 4.3.3.

The vulnerability occurs in the file interface_traduction_objets_pipelines.php, where the plugin processes translation requests by reading the user-supplied parameter id_parent.

This parameter is directly concatenated into a SQL WHERE clause within a call to sql_getfetsel() without any input validation or parameterization, which allows an attacker to inject malicious SQL code.

An attacker with authenticated editor-level privileges can exploit this flaw by injecting crafted SQL expressions into the id_parent parameter, enabling manipulation of backend database queries.


How can this vulnerability impact me?

Successful exploitation of this vulnerability can lead to unauthorized disclosure or modification of database contents.

It may also cause denial of service depending on the database configuration and privileges.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves an authenticated SQL injection via the id_parent parameter in the interface_traduction_objets plugin prior to version 4.3.3. Detection typically requires verifying if the vulnerable plugin version is in use and if the id_parent parameter is being processed without proper input validation.

Since the vulnerability requires authenticated access with editor-level privileges, detection can involve monitoring for unusual or suspicious SQL queries involving the id_parent parameter or attempts to inject SQL code.

Specific commands to detect exploitation attempts might include reviewing web server logs or application logs for suspicious requests containing SQL syntax in the id_parent parameter.

- Check the plugin version installed: verify if it is prior to 4.3.3.
- Use web server log analysis tools or grep commands to search for suspicious id_parent parameter values, for example:

  grep -Ei 'id_parent=.*\b(select|union|or|and)\b' /path/to/webserver/access.log

- Monitor database query logs for unusual queries involving the id_parent parameter. [1]
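As an added example (not part of the advisory and not the plugin's code), the same access-log check in Python: it percent-decodes the query string before matching, so an encoded payload that a grep over the raw line can miss is still caught, and it flags any id_parent value that is not a bare integer, since the description says the value goes straight into a WHERE clause. The log lines and the /ecrire/?exec=traduire path are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines (combined log format); not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - editor [25/Feb/2026:10:00:01 +0000] "GET /ecrire/?exec=traduire&id_parent=42 HTTP/1.1" 200 512
10.0.0.5 - editor [25/Feb/2026:10:00:07 +0000] "GET /ecrire/?exec=traduire&id_parent=42%20OR%201%3D1 HTTP/1.1" 200 9812
10.0.0.9 - editor [25/Feb/2026:10:01:13 +0000] "GET /ecrire/?exec=traduire&id_parent=7+UNION+SELECT+1 HTTP/1.1" 500 0
10.0.0.5 - editor [25/Feb/2026:10:02:00 +0000] "GET /spip.php?page=sommaire HTTP/1.1" 200 3000
"""

# Request line inside the log entry; the exec=traduire path is an assumption.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Tokens that have no business in an integer id (checked after decoding).
SQL_TOKEN_RE = re.compile(r"\b(select|union|or|and|sleep)\b|--|/\*|'", re.I)

def suspicious_id_parent(line):
    """Return (decoded_value, reason) when the request carries an id_parent
    that is not a bare non-negative integer; None otherwise."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    # parse_qsl percent-decodes and turns '+' into spaces, so the check
    # sees what the application would see, not the raw encoded bytes.
    for key, value in parse_qsl(urlsplit(m.group("target")).query,
                                keep_blank_values=True):
        if key != "id_parent":
            continue
        if re.fullmatch(r"[0-9]+", value):
            return None
        reason = "sql-syntax" if SQL_TOKEN_RE.search(value) else "non-integer"
        return value, reason
    return None

def scan(log_text):
    """Apply the check to every line; returns [(line_no, value, reason), ...]."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        found = suspicious_id_parent(line)
        if found:
            hits.append((n, found[0], found[1]))
    return hits

if __name__ == "__main__":
    for n, value, reason in scan(SAMPLE_LOG):
        print(f"line {n}: id_parent={value!r} flagged ({reason})")
```

Only query-string parameters appear in an access log; if a deployment also passes id_parent in a POST body, the same check has to run over application-level request logging instead.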


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade the SPIP interface_traduction_objets plugin to version 4.3.3 or later, where the vulnerability has been fixed.

Until the upgrade can be applied, restrict editor-level access to trusted users only, as exploitation requires authenticated editor privileges.

Additionally, monitor and audit usage of the id_parent parameter to detect and block suspicious input patterns.

Implement web application firewall (WAF) rules to detect and block SQL injection attempts targeting the id_parent parameter.

