SQL injection in Serendipity

Advisory ID: HTB23092 Product: Serendipity Vendor: Serendipity Team Vulnerable Versions: 1.6.1 and probably prior Tested Version: 1.6.1 Vendor Notification: 16 May 2012 Vendor Patch: 16 May 2012 Public Disclosure: 6 June 2012 Vulnerability Type: SQL injection CVE Reference: CVE-2012-2762 CVSSv2...

Irokez Blog 0.7.1 - Multiple Remote File Inclusions

+------------------------------------------------------------------------------------------- + Irokez CMS +------------------------------------------------------------------------------------------- + Details: + Irokez CMS has several scripts which do not initialize variables before using them to...