Serendipity@0.8 beta6 Security Vulnerabilities and Issues — Serendipity@0.8 beta6 CVE List

Lucene search

S9ySerendipity0.8 beta6

6 matches found

CVE•added 2008/02/28 8:44 p.m.•60 views

CVE-2008-0124

Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 allows remote authenticated users to inject arbitrary web script or HTML via (1) the "Real name" field in Personal Settings, which is presented to readers of articles; or (2) a file upload, as demonstrated by a .htm, .ht...

4.3CVSS5.1AI score0.0065EPSS

CVE•added 2005/04/16 4:0 a.m.•44 views

CVE-2005-1134

SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters.

7.5CVSS8.4AI score0.02264EPSS

CVE•added 2006/12/03 7:28 p.m.•43 views

CVE-2006-6242

Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and earlier allow remote attackers to read or include arbitrary local files via a .. (dot dot) sequence in the serendipity[charset] parameter in (1) include/lang.inc.php; or to plugins/ scripts (2) serendipity_event_bbcode/serendipit...

6.8CVSS6.8AI score0.04411EPSS

CVE•added 2005/05/03 4:0 a.m.•41 views

CVE-2005-1448

Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

6.8CVSS5.8AI score0.01009EPSS

CVE•added 2007/12/11 8:46 p.m.•38 views

CVE-2007-6205

Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.

4.3CVSS5.4AI score0.00585EPSS

CVE•added 2005/05/03 4:0 a.m.•30 views

CVE-2005-1449

Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact.

10CVSS7AI score0.00376EPSS