Serendipity 1.6 Backend XSS And SQLi Vulnerability

No description provided by source. Advisory: Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability Advisory ID: KORAMIS-ADV2012-001 Contact: [email protected] Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.6 Vendor URL: http://www.s9y.org...

CVE-2012-2332

The CVE-2012-2332 issue affects Serendipity prior to version 1.6.1. A SQL injection vulnerability exists in serendipity/serendipity_admin.php via the parameter serendipity[plugin_to_conf], potentially allowing remote attackers to execute arbitrary SQL commands. The vulnerability note also mention...

CVE-2012-2332

SQL injection vulnerability in serendipity/serendipityadmin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipityplugintoconf parameter. NOTE: this issue might be resultant from cross-site request forgery CSRF...

Serendipity 1.6 Backend XSS And SQLi Vulnerability

Exploit for php platform in category web applications Serendipity 1.6 Backend XSS And SQLi Vulnerability Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.6 Vendor URL: http://www.s9y.org Vendor Status: fixed CVE-ID: CVE-2012-2331,CVE-2012-2332...

S9Y Serendipity 1.6 - Backend Cross-Site Scripting SQL Injection

S9Y Serendipity 1.6 - Backend Cross-Site Scripting SQL Injection Advisory: Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability Advisory ID: KORAMIS-ADV2012-001 Contact: [email protected] Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.6...

S9Y Serendipity 1.6 - 'Backend' Cross-Site Scripting / SQL Injection

Advisory: Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability Advisory ID: KORAMIS-ADV2012-001 Contact: [email protected] Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.6 Vendor URL: http://www.s9y.org Vendor Status: fixed CVE-ID:...