Vulnerabilities > Serendipitynz
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-06-22 | CVE-2009-2165 | Unspecified vulnerability in Serendipitynz Serene Bach SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id. | 7.5 |
2007-01-09 | CVE-2007-0137 | Cross-Site Scripting vulnerability in Serene Bach Cross-site scripting (XSS) vulnerability in SimpleBoxes/SerendipityNZ Serene Bach 2.05R and earlier, and 2.08D and earlier in the 2.08 series; and (2) sb 1.13D and earlier, and 1.18R and earlier in the 1.18 series; allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network serendipitynz | 6.8 |