S9Y » Serendipity : Security Vulnerabilities, CVEs,
An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file.
Max CVSS
8.8
EPSS Score
0.07%
Published
2023-05-16
Updated
2023-05-23
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
Max CVSS
9.8
EPSS Score
2.22%
Published
2020-03-25
Updated
2020-03-27
Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature.
Max CVSS
6.1
EPSS Score
0.14%
Published
2019-05-09
Updated
2019-05-10
Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure
Max CVSS
7.5
EPSS Score
0.12%
Published
2017-11-17
Updated
2017-11-29
Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin's cookie and other information by composing a new entry as an editor user. This is related to lack of the serendipity_event_xsstrust plugin and a set_config error in that plugin.
Max CVSS
5.4
EPSS Score
0.08%
Published
2017-04-24
Updated
2017-04-28
There is CSRF in Serendipity 2.0.5, allowing attackers to install any themes via a GET request.
Max CVSS
8.8
EPSS Score
0.09%
Published
2017-04-24
Updated
2017-04-27
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.
Max CVSS
8.8
EPSS Score
0.14%
Published
2017-01-28
Updated
2019-03-19
Serendipity through 2.0.5 allows CSRF for the installation of an event plugin or a sidebar plugin.
Max CVSS
8.8
EPSS Score
0.07%
Published
2017-01-14
Updated
2017-01-25
comment.php in Serendipity through 2.0.5 allows CSRF in deleting any comments.
Max CVSS
8.8
EPSS Score
0.07%
Published
2017-01-14
Updated
2017-01-25
Open redirect vulnerability in comment.php in Serendipity through 2.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header.
Max CVSS
6.1
EPSS Score
0.11%
Published
2017-01-14
Updated
2017-01-25
serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.
Max CVSS
9.8
EPSS Score
0.60%
Published
2019-05-24
Updated
2019-05-29
Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.
Max CVSS
5.4
EPSS Score
0.09%
Published
2019-01-16
Updated
2019-01-23
include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include() call in the bundled-libs/serendipity_generateFTPChecksums.php file.
Max CVSS
9.8
EPSS Score
0.60%
Published
2016-12-30
Updated
2017-01-03
In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address (e.g., http://127.1) or a 30x (aka Redirection) HTTP status code.
Max CVSS
8.6
EPSS Score
0.20%
Published
2016-12-01
Updated
2016-12-03
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity before 2.0.5 allow remote authenticated users to inject arbitrary web script or HTML via a category or directory name.
Max CVSS
5.4
EPSS Score
0.10%
Published
2016-12-25
Updated
2016-12-30
Cross-site scripting (XSS) vulnerability in Serendipity before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the serendipity[entry_id] parameter in an "edit" admin action to serendipity_admin.php.
Max CVSS
5.4
EPSS Score
0.11%
Published
2016-01-12
Updated
2018-10-09
Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, which is not properly handled in a Reply link.
Max CVSS
4.3
EPSS Score
0.23%
Published
2015-09-16
Updated
2015-09-16
Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension.
Max CVSS
6.5
EPSS Score
0.36%
Published
2015-09-16
Updated
2015-09-16
SQL injection vulnerability in the serendipity_checkCommentToken function in include/functions_comments.inc.php in Serendipity before 2.0.2, when "Use Tokens for Comment Moderation" is enabled, allows remote administrators to execute arbitrary SQL commands via the serendipity[id] parameter to serendipity_admin.php.
Max CVSS
6.0
EPSS Score
0.27%
Published
2015-09-15
Updated
2016-12-22
Cross-site scripting (XSS) vulnerability in templates/2k11/admin/entries.tpl in Serendipity before 2.0.1 allows remote authenticated editors to inject arbitrary web script or HTML via the serendipity[cat][name] parameter to serendipity_admin.php, when creating a new category.
Max CVSS
3.5
EPSS Score
0.14%
Published
2015-03-23
Updated
2018-10-09
Multiple cross-site scripting (XSS) vulnerabilities in templates/2k11/admin/overview.inc.tpl in Serendipity before 2.0-rc2 allow remote attackers to inject arbitrary web script or HTML via a blog comment in the QUERY_STRING to serendipity/index.php.
Max CVSS
4.3
EPSS Score
0.68%
Published
2014-12-31
Updated
2018-10-09
Cross-site scripting (XSS) vulnerability in spell-check-savedicts.php in the htmlarea SpellChecker module, as used in Serendipity before 1.7.3 and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the to_r_list parameter.
Max CVSS
4.3
EPSS Score
0.17%
Published
2013-11-05
Updated
2013-11-07
Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[htmltarget] parameter.
Max CVSS
4.3
EPSS Score
0.24%
Published
2013-08-19
Updated
2013-08-20
SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.
Max CVSS
7.5
EPSS Score
0.42%
Published
2012-06-07
Updated
2017-08-29
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF).
Max CVSS
7.5
EPSS Score
3.31%
Published
2012-08-13
Updated
2012-08-14