Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s9y vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2157
Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions prior to 0.7-beta3, allows remote malicious users to inject arbitrary HTML and PHP code via the (1) email or (2) username field.
S9y Serendipity 0.7 Beta1
NA
CVE-2004-2158
SQL injection vulnerability in Serendipity 0.7-beta1 allows remote malicious users to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php.
S9y Serendipity 0.7 Beta1
1 EDB exploit
NA
CVE-2008-0751
Cross-site scripting (XSS) vulnerability in the Freetag prior to 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.
S9y Serendipity Event Freetag
1 EDB exploit
NA
CVE-2006-1910
config.php in S9Y Serendipity 1.0 beta 2 allows remote malicious users to inject arbitrary PHP code by editing values that are stored in config.php and later executed. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
S9y Serendipity 1.0 Beta2
6.1
CVSSv3
CVE-2011-3610
A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin prior to 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf.
S9y Serendipity Event Freetag
NA
CVE-2009-3337
SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin prior to 3.09 for Serendipity (S9Y) allows remote malicious users to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry.
S9y Serendipity Event Freetag
NA
CVE-2006-5499
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity (s9y) 1.0.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors in the media manager administration page.
Serendipity Serendipity
NA
CVE-2008-1476
Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) prior to 1.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to received trackbacks.
Serendipity Serendipity 0.8
Serendipity Serendipity 0.9.1
Serendipity Serendipity 1.1.2
Serendipity Serendipity 1.0.1
Serendipity Serendipity 0.3
Serendipity Serendipity 0.8.3
Serendipity Serendipity
Serendipity Serendipity 1.1
Serendipity Serendipity 1.0.4
Serendipity Serendipity 1.1.3
Serendipity Serendipity 0.8.2
Serendipity Serendipity 0.8.4
Serendipity Serendipity 0.9
Serendipity Serendipity 0.8.1
Serendipity Serendipity 0.7.1
Serendipity Serendipity 1.1.4
Serendipity Serendipity 0.6 Pl3
Serendipity Serendipity 1.2
Serendipity Serendipity 1.0.2
Serendipity Serendipity 0.5 Pl1
Serendipity Serendipity 0.8.5
Serendipity Serendipity 1.1.1
NA
CVE-2008-1066
The modifier.regex_replace.php plugin in Smarty prior to 2.6.19, as used by Serendipity (S9Y) and other products, allows malicious users to call arbitrary PHP functions via templates, related to a '\0' character in a search string.
Smarty Smarty
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6