7 matches found
EUVD-2015-6900
Malware in sbrugna...
EUVD-2008-1393
Malware in sbrugna...
EUVD-2014-9253
Malware in sbrugna...
CVE-2015-6968
Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension...
CVE-2011-3800
Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files...
[Full-Disclosure] Serendipity 0.7-beta1 SQL Injection PoC
Serendipity 0.7-beta1 SQL Injection Proof of Concept By aCiDBiTS [email protected] 13-September-2004 "Serendipity http://www.s9y.org/ is a weblog/blog system, implemented with PHP. It is standards compliant, feature rich and open source BSD License." There is no user input sanitation for...
Serendipity < 0.7.0beta3 Multiple Vulnerabilities
The remote version of Serendipity is vulnerable to SQL injection issues due to a failure of the application to properly sanitize user-supplied input. An attacker may exploit this flaw to issue arbitrary statements in the remote database, and therefore, bypass authorization or even overwrite...