S9Y Serendipity : Security vulnerabilities, CVEs xss, cross site scripting published in 2004

Copy

CVE-2004-2525

Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable.

Max CVSS

4.3

EPSS Score

0.41%

Published

2004-12-31

Updated

2017-07-11

CVE-2004-2157

Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field.

Max CVSS

4.3

EPSS Score

0.68%

Published

2004-12-31

Updated

2017-07-11

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!