Serendipity@1.6 Security Vulnerabilities and Issues — Serendipity@1.6 CVE List

Lucene search

S9ySerendipity1.6

3 matches found

CVE•added 2012/06/07 7:55 p.m.•52 views

CVE-2012-2762

SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.

7.5CVSS8.4AI score0.00717EPSS

CVE•added 2013/11/05 6:55 p.m.•47 views

CVE-2013-5670

Cross-site scripting (XSS) vulnerability in spell-check-savedicts.php in the htmlarea SpellChecker module, as used in Serendipity before 1.7.3 and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the to_r_list parameter.

4.3CVSS5.9AI score0.00329EPSS

CVE•added 2013/08/19 9:10 p.m.•37 views

CVE-2013-5314

Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[htmltarget] parameter.

4.3CVSS5.9AI score0.00421EPSS