CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

S9y: >> Serendipity >> 1.5.4 Security Vulnerabilities

CVE-2012-2332

SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF).

CVSS Score

7.5

EPSS Score

0.013

Published

2012-08-13

CVE-2012-2762

SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.

CVSS Score

7.5

EPSS Score

0.007

Published

2012-06-07

Page 3

Vulnerabilities

Vulnerable Software

S9y: >> Serendipity >> 1.5.4 Security Vulnerabilities

Products

Pricing

Contact Us