10 matches found
EUVD-2017-1415
Malware in sbrugna...
CVE-2016-10752
serendipitymoveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename...
CVE-2016-10752
serendipitymoveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename...
CVE-2016-10752
serendipitymoveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename...
CVE-2016-10752
CVE-2016-10752 affects Serendipity 2.0.3 via the function serendipity_moveMediaDirectory. The vulnerability lets a remote attacker upload and execute arbitrary PHP code by exploiting an extensionless filename during a rename (demonstrated with a filename like "php"). Connected sources confirm the...
CVE-2017-1000129
Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure...
Sql injection
Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure...
CVE-2017-1000129
Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure...
CVE-2017-1000129
Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure...
Serendipity 2.0.3: From File Upload to Code Execution
RIPS Analysis The analysis of Serendipity with RIPS took 67 seconds to complete. The total amount of issues is reasonable for a web application of this size. Most of the 36 low severe issues detected are information leakage issues, for example, when an error message leaks the DBMS system of a...