S9Y » Serendipity : Security Vulnerabilities, CVEs, Published In 2009 (Code Execution)
Unrestricted file upload vulnerability in Serendipity before 1.5 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in an unspecified directory. NOTE: some of these details are obtained from third party information.
Max CVSS
6.0
EPSS Score
1.42%
Published
2009-12-24
Updated
2017-08-17
1 vulnerabilities found