NotCVE - vendor:"S9y" product:"Serendipity" version:" <= 1.6.2"

Page 5 of 52 results (0.008 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2005-1713

https://notcve.org/view.php?id=CVE-2005-1713

24 May 2005 — Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins. • http://secunia.com/advisories/15405 •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2005-1712

https://notcve.org/view.php?id=CVE-2005-1712

24 May 2005 — Unknown vulnerability in Serendipity 0.8, when used with multiple authors, allows unprivileged authors to upload arbitrary media files. • http://secunia.com/advisories/15405 •

CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2005-1448

https://notcve.org/view.php?id=CVE-2005-1448

03 May 2005 — Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. • http://secunia.com/advisories/15145 •

CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2005-1451

https://notcve.org/view.php?id=CVE-2005-1451

03 May 2005 — The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files. • http://secunia.com/advisories/15145 •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2005-1452

https://notcve.org/view.php?id=CVE-2005-1452

03 May 2005 — Serendipity before 0.8 allows Chief users to "hide plugins installed by other users." • http://secunia.com/advisories/15145 •

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2005-1450

https://notcve.org/view.php?id=CVE-2005-1450

03 May 2005 — Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact. • http://secunia.com/advisories/15145 •

CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0

CVE-2005-1449

https://notcve.org/view.php?id=CVE-2005-1449

03 May 2005 — Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact. • http://secunia.com/advisories/15145 •

CVSS: 9.8EPSS: 1%CPEs: 18EXPL: 2

CVE-2005-1134 – S9Y Serendipity 0.8beta4 - 'exit.php' SQL Injection

https://notcve.org/view.php?id=CVE-2005-1134

13 Apr 2005 — SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters. • https://www.exploit-db.com/exploits/939 •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3

CVE-2004-2157

https://notcve.org/view.php?id=CVE-2004-2157

31 Dec 2004 — Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026955.html •

CVSS: 6.1EPSS: 0%CPEs: 16EXPL: 0

CVE-2004-2525

https://notcve.org/view.php?id=CVE-2004-2525

31 Dec 2004 — Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable. • http://secunia.com/advisories/13357 •

1...3 4 5 6