Vulmon
serendipity vulnerabilities and exploits
10
CVSSv2
CVE-2005-1449
Unknown vulnerability in serendipity_config_local.inc.php for Serendipity prior to 0.8 has unknown impact.
S9y Serendipity 0.8 Beta5
S9y Serendipity 0.4
S9y Serendipity 0.7
S9y Serendipity 0.7 Beta1
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 0.7 Beta3
S9y Serendipity 0.8 Beta6
S9y Serendipity 0.7 Beta4
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
S9y Serendipity 0.7 Beta2
S9y Serendipity 0.7 Rc1
10
CVSSv2
CVE-2005-1452
Serendipity prior to 0.8 allows Chief users to "hide plugins installed by other users."
S9y Serendipity 0.4
S9y Serendipity 0.7
S9y Serendipity 0.7.1
S9y Serendipity 0.5 Pl1
S9y Serendipity 0.3
S9y Serendipity 0.6 Pl3
7.5
CVSSv2
CVE-2020-10964
Serendipity prior to 2.3.4 on Windows allows remote malicious users to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
S9y Serendipity
7.5
CVSSv2
CVE-2011-1134
Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package prior to 1.5.5, allows remote malicious users to execute arbitrary code in the image manager.
S9y Serendipity
7.5
CVSSv2
CVE-2016-10752
serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote malicious users to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.
S9y Serendipity 2.0.3
7.5
CVSSv2
CVE-2016-10082
include/functions_installer.inc.php in Serendipity up to and including 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include() call in the b...
S9y Serendipity
7.5
CVSSv2
CVE-2012-2332
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity prior to 1.6.1 allows remote malicious users to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF)...
S9y Serendipity 1.0.3
S9y Serendipity 1.3
S9y Serendipity 1.1.4
S9y Serendipity 0.4
S9y Serendipity 0.8.5
S9y Serendipity 0.7
S9y Serendipity 1.1.2
S9y Serendipity 1.0.4
S9y Serendipity 0.8.3
S9y Serendipity 1.5.3
S9y Serendipity 0.8.4
S9y Serendipity 0.8.2
S9y Serendipity 1.0.2
S9y Serendipity 1.1.1
S9y Serendipity 1.1
S9y Serendipity 0.7.1
S9y Serendipity 1.6.1
S9y Serendipity 1.0.1
S9y Serendipity 1.0
S9y Serendipity 1.5.5
S9y Serendipity 1.3.1
S9y Serendipity 0.8.1
1 EDB exploit
7.5
CVSSv2
CVE-2012-2762
SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote malicious users to execute arbitrary SQL commands via the url parameter to comment.php.
S9y Serendipity 1.0.3
S9y Serendipity 1.3
S9y Serendipity 1.1.4
S9y Serendipity 0.4
S9y Serendipity 0.8.5
S9y Serendipity 0.7
S9y Serendipity 1.1.2
S9y Serendipity 1.0.4
S9y Serendipity 0.8.3
S9y Serendipity 1.5.3
S9y Serendipity 0.8.4
S9y Serendipity 0.8.2
S9y Serendipity 1.0.2
S9y Serendipity 1.1.1
S9y Serendipity 1.1
S9y Serendipity 0.7.1
S9y Serendipity 1.0.1
S9y Serendipity 1.0
S9y Serendipity 1.5.5
S9y Serendipity 1.6
S9y Serendipity 1.3.1
S9y Serendipity 0.8.1
7.5
CVSSv2
CVE-2010-1916
The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and previous versions, as used in Serendipity 1.5.2 and previous versions, allows remote malicious users to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) crafted ...
Xinha Wysiwyg Editor 0.9
Xinha Wysiwyg Editor 0.91
Xinha Wysiwyg Editor 0.92
Xinha Wysiwyg Editor 0.93
Xinha Wysiwyg Editor 0.94
Xinha Wysiwyg Editor 0.95
Xinha Wysiwyg Editor 0.96
S9y Serendipity 0.3
S9y Serendipity 0.4
S9y Serendipity 0.5
S9y Serendipity 0.6
S9y Serendipity 0.7
S9y Serendipity 0.7.1
S9y Serendipity 0.8
S9y Serendipity 0.8.1
S9y Serendipity 0.8.2
S9y Serendipity 0.8.3
S9y Serendipity 0.8.4
S9y Serendipity 0.8.5
S9y Serendipity 0.9
S9y Serendipity 0.9.1
S9y Serendipity 1.0
7.5
CVSSv2
CVE-2009-3337
SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin prior to 3.09 for Serendipity (S9Y) allows remote malicious users to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry.
S9y Serendipity Event Freetag