2 matches found
CVE-2015-6943
SQL injection vulnerability in the serendipitycheckCommentToken function in include/functionscomments.inc.php in Serendipity before 2.0.2, when "Use Tokens for Comment Moderation" is enabled, allows remote administrators to execute arbitrary SQL commands via the serendipityid parameter to...
CVE-2015-6943
Serendipity (PHP-based blogging system) versions before 2.0.2 are affected by an SQL injection in serendipity_checkCommentToken (include/functions_comments.inc.php). When the "Use Tokens for Comment Moderation" option is enabled, the issue allows remote administrators to execute arbitrary SQL com...