Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s9y serendipity vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2005-1449
Unknown vulnerability in serendipity_config_local.inc.php for Serendipity prior to 0.8 has unknown impact.
S9y Serendipity 0.8 Beta5
S9y Serendipity 0.4
S9y Serendipity 0.7
S9y Serendipity 0.7 Beta1
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 0.7 Beta3
S9y Serendipity 0.8 Beta6
S9y Serendipity 0.7 Beta4
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
S9y Serendipity 0.7 Beta2
S9y Serendipity 0.7 Rc1
890
VMScore
CVE-2005-1452
Serendipity prior to 0.8 allows Chief users to "hide plugins installed by other users."
S9y Serendipity 0.4
S9y Serendipity 0.7
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
755
VMScore
CVE-2012-2332
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity prior to 1.6.1 allows remote malicious users to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF)...
S9y Serendipity 1.0.3
S9y Serendipity 1.3
S9y Serendipity 1.1.4
S9y Serendipity 0.4
S9y Serendipity 0.8.5
S9y Serendipity 0.7
S9y Serendipity 1.1.2
S9y Serendipity 1.0.4
S9y Serendipity 0.8.3
S9y Serendipity 1.5.3
S9y Serendipity 0.8.4
S9y Serendipity 0.8.2
S9y Serendipity 1.0.2
S9y Serendipity 1.1.1
S9y Serendipity 1.1
S9y Serendipity 0.7.1
S9y Serendipity 1.6.1
S9y Serendipity 1.0.1
S9y Serendipity 1.0
S9y Serendipity 1.5.5
S9y Serendipity 1.3.1
S9y Serendipity 0.8.1
1 EDB exploit
755
VMScore
CVE-2005-1134
SQL injection vulnerability in exit.php for Serendipity 0.8 and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters.
S9y Serendipity 0.5
S9y Serendipity 0.8 Beta5
S9y Serendipity 0.4
S9y Serendipity 0.7
S9y Serendipity 0.7 Beta1
S9y Serendipity 0.6 Rc1
S9y Serendipity 0.5 Pl1
S9y Serendipity 0.6 Pl2
S9y Serendipity 0.7 Beta3
S9y Serendipity 0.8 Beta6
S9y Serendipity 0.7 Beta4
S9y Serendipity 0.6 Pl1
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
S9y Serendipity 0.6 Rc2
S9y Serendipity 0.7 Beta2
S9y Serendipity 0.7 Rc1
S9y Serendipity 0.6
1 EDB exploit
755
VMScore
CVE-2004-2158
SQL injection vulnerability in Serendipity 0.7-beta1 allows remote malicious users to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php.
S9y Serendipity 0.7 Beta1
1 EDB exploit
685
VMScore
CVE-2006-6242
Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and previous versions allow remote malicious users to read or include arbitrary local files via a .. (dot dot) sequence in the serendipity[charset] parameter in (1) include/lang.inc.php; or to plugins/ scripts (2) ...
S9y Serendipity 0.5
S9y Serendipity 0.8 Beta5
S9y Serendipity 1.0.3
S9y Serendipity 0.4
S9y Serendipity 0.7
S9y Serendipity 0.7 Beta1
S9y Serendipity 1.0 Beta3
S9y Serendipity 0.8.2
S9y Serendipity 0.6 Rc1
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 0.6 Pl2
S9y Serendipity 1.0 Beta2
S9y Serendipity 0.7 Beta3
S9y Serendipity 0.8 Beta6
S9y Serendipity 0.7 Beta4
S9y Serendipity 0.6 Pl1
S9y Serendipity 0.8.1
S9y Serendipity 0.8
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
S9y Serendipity 0.9.1
1 EDB exploit
668
VMScore
CVE-2020-10964
Serendipity prior to 2.3.4 on Windows allows remote malicious users to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
S9y Serendipity
668
VMScore
CVE-2011-1134
Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package prior to 1.5.5, allows remote malicious users to execute arbitrary code in the image manager.
S9y Serendipity
668
VMScore
CVE-2016-10752
serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote malicious users to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.
S9y Serendipity 2.0.3
668
VMScore
CVE-2016-10082
include/functions_installer.inc.php in Serendipity up to and including 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include() call in the b...
S9y Serendipity
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »