CVE-2017-5609
published 2017-01-28CVE-2017-5609: SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via…
PriorityP350high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
1.60%
72.8th percentile
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| s9y | serendipity | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Serendipity 2.0.5 functions_entries.inc.php cat sql injection (BID-95850 / ID 800609)
vuldb·2026-05-16·CVSS 8.8
CVE-2017-5609 [HIGH] Serendipity 2.0.5 functions_entries.inc.php cat sql injection (BID-95850 / ID 800609)
A vulnerability labeled as critical has been found in Serendipity 2.0.5. The impacted element is an unknown function of the file include/functions_entries.inc.php. The manipulation of the argument cat results in sql injection.
This vulnerability is identified as CVE-2017-5609. The attack can be executed remotely. There is not any exploit available.
GHSA
GHSA-c972-gj88-mpmf: SQL injection vulnerability in include/functions_entries
ghsa_unreviewed·2022-05-14
CVE-2017-5609 [HIGH] CWE-89 GHSA-c972-gj88-mpmf: SQL injection vulnerability in include/functions_entries
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/95850https://github.com/s9y/Serendipity/commit/c62d667287f2d76c81e03a740a581eb3c51249b6https://github.com/s9y/Serendipity/releases/tag/2.1-rc1http://www.securityfocus.com/bid/95850https://github.com/s9y/Serendipity/commit/c62d667287f2d76c81e03a740a581eb3c51249b6https://github.com/s9y/Serendipity/releases/tag/2.1-rc1
2017-01-28
Published