A vulnerability has been found in SPIP, a website engine for publishing, which allows a malicious registered author to disconnect the website from its database, resulting in denial of service. The oldstable distribution doesn"t include spip.