Vulnerabilities > CVE-2005-1713 - Unspecified vulnerability in S9Y Serendipity 0.8

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
s9y
nessus

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins.

Vulnerable Configurations

Part Description Count
Application
S9Y
1

Nessus

NASL familyCGI abuses
NASL idSERENDIPITY_081.NASL
descriptionAccording to its banner, the version of Serendipity installed on the remote host is affected by multiple vulnerabilities : - Unauthorized File Upload Vulnerability There is a vulnerability that may allow editors to upload arbitrary media files when they otherwise would not be allowed to do so. - Multiple Cross-Site Scripting Vulnerabilities The
last seen2020-06-01
modified2020-06-02
plugin id18298
published2005-05-18
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18298
titleSerendipity < 0.8.1 Multiple Vulnerabilities