Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/12/18 11:36 p.m.4 views

CVE-2023-53932

Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post...

5.4CVSS6AI score0.00205EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/17 10:44 p.m.19 views

CVE-2023-53933 Serendipity 2.4.0 Authenticated Remote Code Execution via File Upload

Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension. Attackers can upload files with system command payloads to the media upload endpoint and execute arbitrary commands on the server...

8.8CVSS0.00874EPSS
Exploits1References3
0day.today
0day.today
added 2023/05/02 12:0 a.m.270 views

Serendipity 2.4.0 - File Inclusion Remote Code Execution Exploit

Exploit Title: Serendipity 2.4.0 - File Inclusion RCE Author: nu11secur1ty Vendor: https://docs.s9y.org/index.html Software: https://github.com/s9y/Serendipity/releases/tag/2.4.0 Reference: https://portswigger.net/web-security/file-upload Reference:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/20 12:0 a.m.337 views

Serendipity 2.4.0 Shell Upload

Exploit Title: Serendipity 2.4.0 - Remote Code Execution RCE Authenticated Application: Serendipity Version: 2.4.0 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://docs.s9y.org/ Software Link: https://docs.s9y.org/downloads.html Date of found:...

6.8AI score
Exploits0
Rows per page
Query Builder