CVE-2009-3337

2009-09-2416:00:00

mitre

www.cve.org

cve-2009-3337

sql injection

freetag plugin

serendipity

meta keywords

AI Score

8.4

Confidence

Low

EPSS

0.002

Percentile

52.1%

JSON

SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry.

References

blog.s9y.org/archives/210-Security-update-for-Freetag-Plugin.html

secunia.com/advisories/36706

www.securityfocus.com/bid/36376