CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2005-1452
https://notcve.org/view.php?id=CVE-2005-1452
Serendipity before 0.8 allows Chief users to "hide plugins installed by other users." • http://secunia.com/advisories/15145 http://www.s9y.org/63.html#A9 •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 2CVE-2005-1134 – S9Y Serendipity 0.8beta4 - 'exit.php' SQL Injection
https://notcve.org/view.php?id=CVE-2005-1134
SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters. • https://www.exploit-db.com/exploits/939 http://seclists.org/lists/bugtraq/2005/Apr/0195.html http://secunia.com/advisories/15145 http://securitytracker.com/id?1013699 http://www.osvdb.org/15542 http://www.s9y.org/5.html http://www.s9y.org/63.html#A9 http://www.securityfocus.com/bid/13161 https://exchange.xforce.ibmcloud.com/vulnerabilities/20119 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 4CVE-2004-2158 – S9Y Serendipity 0.7-beta1 - SQL Injection
https://notcve.org/view.php?id=CVE-2004-2158
SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php. • https://www.exploit-db.com/exploits/561 http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026955.html http://secunia.com/advisories/12673 http://securitytracker.com/id?1011448 http://www.osvdb.org/10370 http://www.osvdb.org/10371 http://www.securityfocus.com/bid/11269 https://exchange.xforce.ibmcloud.com/vulnerabilities/17533 •
CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0CVE-2004-2525
https://notcve.org/view.php?id=CVE-2004-2525
Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable. • http://secunia.com/advisories/13357 http://securitytracker.com/id?1012383 http://sourceforge.net/tracker/index.php?func=detail&aid=1076762&group_id=75065&atid=542822 http://www.osvdb.org/12177 http://www.securityfocus.com/bid/11790 https://exchange.xforce.ibmcloud.com/vulnerabilities/18322 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3CVE-2004-2157
https://notcve.org/view.php?id=CVE-2004-2157
Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026955.html http://secunia.com/advisories/12673 http://securitytracker.com/id?1011448 http://www.securityfocus.com/bid/11269 https://exchange.xforce.ibmcloud.com/vulnerabilities/17536 •