Vulnerabilities > CVE-2005-1713 - Unspecified vulnerability in S9Y Serendipity 0.8
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | CGI abuses |
NASL id | SERENDIPITY_081.NASL |
description | According to its banner, the version of Serendipity installed on the remote host is affected by multiple vulnerabilities : - Unauthorized File Upload Vulnerability There is a vulnerability that may allow editors to upload arbitrary media files when they otherwise would not be allowed to do so. - Multiple Cross-Site Scripting Vulnerabilities The |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18298 |
published | 2005-05-18 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18298 |
title | Serendipity < 0.8.1 Multiple Vulnerabilities |