Vulnerabilities > CVE-2005-1712 - Unspecified vulnerability in SY9 Serendipity 0.8
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sy9
nessus
Summary
Unknown vulnerability in Serendipity 0.8, when used with multiple authors, allows unprivileged authors to upload arbitrary media files.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | CGI abuses |
| NASL id | SERENDIPITY_081.NASL |
| description | According to its banner, the version of Serendipity installed on the remote host is affected by multiple vulnerabilities : - Unauthorized File Upload Vulnerability There is a vulnerability that may allow editors to upload arbitrary media files when they otherwise would not be allowed to do so. - Multiple Cross-Site Scripting Vulnerabilities The |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 18298 |
| published | 2005-05-18 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/18298 |
| title | Serendipity < 0.8.1 Multiple Vulnerabilities |