The media manager in Serendipity prior to 0.8 allows remote malicious users to upload and execute arbitrary (1) .php or (2) .shtml files.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
s9y serendipity 0.4 |
||
s9y serendipity 0.5_pl1 |
||
s9y serendipity 0.6_pl3 |
||
s9y serendipity 0.7 |
||
s9y serendipity 0.7.1 |
||
s9y serendipity 0.7_rc1 |
||
s9y serendipity 0.8_beta_5 |
||
s9y serendipity 0.8_beta_6 |
||
s9y serendipity 0.7_beta1 |
||
s9y serendipity 0.7_beta3 |
||
s9y serendipity 0.3 |
||
s9y serendipity 0.7_beta2 |
||
s9y serendipity 0.7_beta4 |
Vulmon