S9y: >> Serendipity Event Freetag Security Vulnerabilities
A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-01-22
SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry.
CVSS Score
7.5
EPSS Score
0.008
Published
2009-09-24
Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.
CVSS Score
4.3
EPSS Score
0.005
Published
2008-02-13