Serendipity <= 1.0-beta2 Blog Configuration PHP Code Injection

ID 3518.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00


The remote host is running Serendipity, an open-source web log application. This version of Serendipity is vulnerable to a flaw where a remote attack can upload and execute PHP scripts with the rights of the web server. Successful exploitation may lead to partial loss of confidentiality, integrity, and availability.

                                            Binary data 3518.prm