Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s9y serendipity vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1066
The modifier.regex_replace.php plugin in Smarty prior to 2.6.19, as used by Serendipity (S9Y) and other products, allows malicious users to call arbitrary PHP functions via templates, related to a '\0' character in a search string.
Smarty Smarty
NA
CVE-2008-0751
Cross-site scripting (XSS) vulnerability in the Freetag prior to 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.
S9y Serendipity Event Freetag
1 EDB exploit
NA
CVE-2007-6205
Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity prior to 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via a link in an RSS feed.
S9y Serendipity 0.5
S9y Serendipity 0.8 Beta5
S9y Serendipity 1.0.3
S9y Serendipity 1.1.4
S9y Serendipity 0.4
S9y Serendipity 0.8.5
S9y Serendipity 0.7
S9y Serendipity 1.0.4
S9y Serendipity 0.7 Beta1
S9y Serendipity 1.0 Beta3
S9y Serendipity 0.8.3
S9y Serendipity 0.8.4
S9y Serendipity 0.8.2
S9y Serendipity 0.6 Rc1
S9y Serendipity 1.1.1
S9y Serendipity 0.8 Beta 6
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 1.0 Beta1
S9y Serendipity 0.6 Pl2
S9y Serendipity 1.0 Beta2
S9y Serendipity 0.7 Beta3
NA
CVE-2006-6242
Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and previous versions allow remote malicious users to read or include arbitrary local files via a .. (dot dot) sequence in the serendipity[charset] parameter in (1) include/lang.inc.php; or to plugins/ scripts (2) ...
S9y Serendipity 0.5
S9y Serendipity 0.8 Beta5
S9y Serendipity 1.0.3
S9y Serendipity 0.4
S9y Serendipity 0.7
S9y Serendipity 0.7 Beta1
S9y Serendipity 1.0 Beta3
S9y Serendipity 0.8.2
S9y Serendipity 0.6 Rc1
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 0.6 Pl2
S9y Serendipity 1.0 Beta2
S9y Serendipity 0.7 Beta3
S9y Serendipity 0.8 Beta6
S9y Serendipity 0.7 Beta4
S9y Serendipity 0.6 Pl1
S9y Serendipity 0.8.1
S9y Serendipity 0.8
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
S9y Serendipity 0.9.1
1 EDB exploit
NA
CVE-2006-5499
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity (s9y) 1.0.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors in the media manager administration page.
Serendipity Serendipity
NA
CVE-2006-2495
Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity prior to 1.0-beta3 allows remote malicious users to perform unauthorized actions as a logged-in user via a link or IMG tag.
S9y Serendipity 0.5
S9y Serendipity 0.4
S9y Serendipity 0.8.5
S9y Serendipity 0.7
S9y Serendipity 0.8.3
S9y Serendipity 0.8.4
S9y Serendipity 0.8.2
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 1.0 Beta1
S9y Serendipity 1.0 Beta2
S9y Serendipity 0.8.1
S9y Serendipity 0.8
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
S9y Serendipity 0.9.1
S9y Serendipity 0.9
S9y Serendipity 0.6
NA
CVE-2006-1910
config.php in S9Y Serendipity 1.0 beta 2 allows remote malicious users to inject arbitrary PHP code by editing values that are stored in config.php and later executed. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
S9y Serendipity 1.0 Beta2
NA
CVE-2005-3129
Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 and previous versions allows remote malicious users to perform unauthorized actions as a logged in user via a link or IMG tag to serendipity_admin.php.
S9y Serendipity
NA
CVE-2005-1713
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote malicious users to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins.
S9y Serendipity 0.8
NA
CVE-2005-1448
Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity prior to 0.8 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
S9y Serendipity 0.8 Beta5
S9y Serendipity 0.7
S9y Serendipity 0.7 Beta1
S9y Serendipity 0.7.1
S9y Serendipity 0.7 Beta3
S9y Serendipity 0.8 Beta6
S9y Serendipity 0.7 Beta4
S9y Serendipity 0.7 Beta2
S9y Serendipity 0.7 Rc1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »