Vulnerabilities > CVE-2005-1713 - Unspecified vulnerability in S9Y Serendipity 0.8

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
s9y
nessus

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins.

Vulnerable Configurations

Part Description Count
Application
S9Y
1

Nessus

NASL familyCGI abuses
NASL idSERENDIPITY_081.NASL
descriptionAccording to its banner, the version of Serendipity installed on the remote host is affected by multiple vulnerabilities : - Unauthorized File Upload Vulnerability There is a vulnerability that may allow editors to upload arbitrary media files when they otherwise would not be allowed to do so. - Multiple Cross-Site Scripting Vulnerabilities The
last seen2020-06-01
modified2020-06-02
plugin id18298
published2005-05-18
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18298
titleSerendipity < 0.8.1 Multiple Vulnerabilities