Vulnerabilities > S9Y > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-16 | CVE-2023-31576 | Unrestricted Upload of File with Dangerous Type vulnerability in S9Y Serendipity 2.4.0: an arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or JavaScript file. | 8.8 |
| 2020-03-25 | CVE-2020-10964 | Unrestricted Upload of File with Dangerous Type vulnerability in S9Y Serendipity: Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. | 7.5 |
| 2019-11-05 | CVE-2011-1134 | Unrestricted Upload of File with Dangerous Type vulnerability in S9Y Serendipity: Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager. | 7.5 |
| 2019-05-24 | CVE-2016-10752 | Unrestricted Upload of File with Dangerous Type vulnerability in S9Y Serendipity 2.0.3: serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename. | 7.5 |
| 2016-12-30 | CVE-2016-10082 | Improper Access Control vulnerability in S9Y Serendipity: include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include() call in the bundled-libs/serendipity_generateFTPChecksums.php file. | 7.5 |
| 2012-08-13 | CVE-2012-2332 | SQL Injection vulnerability in S9Y Serendipity: SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. | 7.5 |
| 2012-06-07 | CVE-2012-2762 | SQL Injection vulnerability in S9Y Serendipity: SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php. | 7.5 |
| 2010-05-12 | CVE-2010-1916 | Permissions, Privileges, and Access Controls vulnerability in multiple products: the dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) crafted backend_config_secret_key_location and backend_config_hash parameters that are used in a SHA1 hash of a shared secret that can be known or externally influenced, which are not properly handled by the "Deprecated config passing" feature; or (2) crafted backend_data and backend_data[key_location] variables, which are not properly handled by the xinha_read_passed_data function. | 7.5 |
| 2009-09-24 | CVE-2009-3337 | SQL Injection vulnerability in S9Y Serendipity Event Freetag: SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry. | 7.5 |
| 2006-05-20 | CVE-2006-2495 | Cross-Site Request Forgery vulnerability in Serendipity: Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag. | 7.5 |