Vulnerabilities > S9Y > Serendipity Freetag Plugin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-09-24 | CVE-2009-3337 | SQL Injection vulnerability in S9Y Serendipity Event Freetag SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry. | 7.5 |
| 2008-02-13 | CVE-2008-0751 | Cross-Site Scripting vulnerability in S9Y Serendipity Event Freetag Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/. | 4.3 |