Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Serendipity Security Vulnerabilities

cve
cve

CVE-2019-11870

Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature.

6.1CVSS

5.8AI Score

0.001EPSS

2019-05-09 11:29 PM
36
cve
cve

CVE-2020-10964

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

9.8CVSS

9.7AI Score

0.028EPSS

2020-03-25 10:15 PM
65
cve
cve

CVE-2023-31576

An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file.

8.8CVSS

8.7AI Score

0.001EPSS

2023-05-16 02:15 PM
103
Total number of security vulnerabilities53