Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

Serendipity

Serendipity is a PHP-powered weblog engine that gives the user an easy way to maintain a blog.

Official Site:

https://docs.s9y.org/

Severity Summary:

Critical: 6 High: 13 Medium: 26 Low: 2
Reference
Title
Severity
CVE-2016-10752
Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2020-10964
Serendipity Remote Code Execution
Critical
CVE-2005-1449
Serendipity Other Vulnerability
Critical
CVE-2011-1134
Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2016-10082
Serendipity Improper Access Control Vulnerability
Critical
CVE-2005-1452
Serendipity Other Vulnerability
Critical
CVE-2012-2762
Serendipity Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2012-2332
Serendipity Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2006-2495
Serendipity Other Vulnerability
High
CVE-2010-1916
Serendipity Permissions Privileges and Access Controls Vulnerability
High
CVE-2005-1451
Serendipity Other Vulnerability
High
CVE-2005-1450
Serendipity Other Vulnerability
High
CVE-2016-9752
Serendipity Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2005-1134
Serendipity Other Vulnerability
High
CVE-2017-1000129
Serendipity Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2017-8101
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2017-5609
Serendipity Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2017-5476
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2017-5475
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2005-1448
Serendipity Other Vulnerability
Medium
CVE-2005-1713
Serendipity Other Vulnerability
Medium
CVE-2005-3129
Serendipity Other Vulnerability
Medium
CVE-2006-6242
Serendipity Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2007-6205
Serendipity Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-0124
Serendipity Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-1386
Serendipity Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2004-2525
Serendipity Other Vulnerability
Medium
CVE-2008-1385
Serendipity Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-4412
Serendipity Other Vulnerability
Medium
CVE-2013-5314
Serendipity Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium