CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

S9y: >> Serendipity >> 1.0_beta1 Security Vulnerabilities

CVE-2007-6205

Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.

CVSS Score

4.3

EPSS Score

0.006

Published

2007-12-11

CVE-2006-2495

Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag.

CVSS Score

7.5

EPSS Score

0.007

Published

2006-05-20

Page 1

Vulnerabilities

Vulnerable Software

S9y: >> Serendipity >> 1.0_beta1 Security Vulnerabilities

Products

Pricing

Contact Us