Vulnerabilities > S9Y > Serendipity Event Freetag > 2.42
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-22 | CVE-2011-3610 | Cross-site Scripting vulnerability in S9Y Serendipity Event Freetag A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf. | 4.3 |
| 2009-09-24 | CVE-2009-3337 | SQL Injection vulnerability in S9Y Serendipity Event Freetag SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry. | 7.5 |
| 2008-02-13 | CVE-2008-0751 | Cross-Site Scripting vulnerability in S9Y Serendipity Event Freetag Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/. | 4.3 |