3 matches found
Serendipity 1.6.1 SQL Injection
SQL Injection vulnerability in Serendipity Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
CVE-2012-2332
SQL injection vulnerability in serendipity/serendipityadmin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipityplugintoconf parameter. NOTE: this issue might be resultant from cross-site request forgery CSRF...
Serendipity 1.6.1 SQL Injection
Advisory ID: HTB23092 Product: Serendipity Vendor: Serendipity Team Vulnerable Versions: 1.6.1 and probably prior Tested Version: 1.6.1 Vendor Notification: 16 May 2012 Vendor Patch: 16 May 2012 Public Disclosure: 6 June 2012 Vulnerability Type: SQL injection CVE Reference: CVE-2012-2762 CVSSv2...