Vulnerabilities > S9Y > Serendipity > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1451 | Remote Security vulnerability in Serendipity The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files. | 7.5 |
| 2005-05-03 | CVE-2005-1450 | Remote Security vulnerability in Serendipity Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact. | 7.5 |
| 2005-04-13 | CVE-2005-1134 | SQL injection vulnerability in S9Y Serendipity Exit.PHP SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters. | 7.5 |
| 2004-12-31 | CVE-2004-2158 | Input Validation vulnerability in S9Y Serendipity 0.7Beta1 SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php. | 7.5 |