Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2023-53933 - Vulnerability Database
Serendipity

Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2023-53933

High
Reference: CVE-2023-53933
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-53933
Title: Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability
Overview:

Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension. Attackers can upload files with system command payloads to the media upload endpoint and execute arbitrary commands on the server.