CVE-2026-39971

Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending functionality in include/functions.inc.php inserts $SERVER'HTTPHOST' directly into the Message-ID SMTP header without validation, and the existing sanitization function serendipityisResponseClean is not...

CVE-2026-39971 Serendipity: Host Header Injection leads to SMTP header injection via unvalidated HTTP_HOST

Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending functionality in include/functions.inc.php inserts $SERVER'HTTPHOST' directly into the Message-ID SMTP header without validation, and the existing sanitization function serendipityisResponseClean is not...

CVE-2026-39963

The CVE describes a vulnerability in Serendipity (PHP weblog engine) where the function serendipity_setCookie() in include/functions_config.inc.php uses $_SERVER['HTTP_HOST'] as the cookie domain without validation for versions 2.6-beta2 and earlier. An attacker who can influence the Host header ...

[SECURITY] Fedora 42 Update: wordpress-6.9.4-1.fc42

Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. Important information in /usr/share/doc/wordpress/README.fedora...

EUVD-2018-19302

Malware in sbrugna...

EUVD-2006-1338

Malware in sbrugna...

EUVD-2006-0947

Malware in sbrugna...

EUVD-2008-0386

Malware in sbrugna...

EUVD-2007-2567

Malware in sbrugna...

EUVD-2007-2285

Malware in sbrugna...

EUVD-2006-0948

Malware in sbrugna...

EUVD-2002-1447

Malware in sbrugna...

EUVD-2005-2524

Malware in sbrugna...

EUVD-2002-1448

Malware in sbrugna...

EUVD-2008-0775

Malware in sbrugna...

EUVD-2006-4083

Malware in sbrugna...

EUVD-2008-1640

Malware in sbrugna...

EUVD-2008-2197

Malware in sbrugna...

EUVD-2005-2722

Malware in sbrugna...

EUVD-2005-2723

Malware in sbrugna...