S9y: >> Serendipity Event Freetag >> 2.103 Security Vulnerabilities
A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-01-22
SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry.
CVSS Score
7.5
EPSS Score
0.008
Published
2009-09-24