cbcvebase.

S9Y Serendipity vulnerabilities

58 known vulnerabilities affecting s9y/serendipity.

Total CVEs
58
CISA KEV
0
Public exploits
9
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH19MEDIUM31LOW2

Vulnerabilities

Page 1 of 3
CVE-2012-2332P3HIGHCVSS 7.5PoC≤ 1.6v0.3+33 more2012-08-13
CVE-2012-2332 [HIGH] CWE-89 CVE-2012-2332: SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF).
nvd
CVE-2005-1134P3HIGHCVSS 7.5PoCv0.3v0.4+16 more2005-04-13
CVE-2005-1134 [HIGH] CVE-2005-1134: SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to e SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters.
nvd
CVE-2023-53933P2HIGHCVSS 8.8v2.4.02025-12-17
CVE-2023-53933 [HIGH] CWE-434 CVE-2023-53933: Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension. Attackers can upload files with system command payloads to the media upload endpoint and execute arbitrary commands on the server.
nvd
CVE-2011-4090P3MEDIUMCVSS 6.1PoCfixed in 1.62019-11-26
CVE-2011-4090 [MEDIUM] CWE-79 CVE-2011-4090: Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation. Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.
nvd
CVE-2004-2158P3HIGHCVSS 7.5PoCv0.7_beta12004-12-31
CVE-2004-2158 [HIGH] CVE-2004-2158: SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQ SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php.
nvd
CVE-2006-6242P3MEDIUMCVSS 6.8PoCv0.3v0.4+24 more2006-12-03
CVE-2006-6242 [MEDIUM] CWE-22 CVE-2006-6242: Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and earlier allow remote attackers Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and earlier allow remote attackers to read or include arbitrary local files via a .. (dot dot) sequence in the serendipity[charset] parameter in (1) include/lang.inc.php; or to plugins/ scripts (2) serendipity_event_bbcode/serendipity_event_bbcode.php, (3) serendipity_event_browsercompat
nvd
CVE-2016-10752P3CRITICALCVSS 9.8v2.0.32019-05-24
CVE-2016-10752 [CRITICAL] CWE-434 CVE-2016-10752: serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute ar serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.
nvd
CVE-2020-10964P3CRITICALCVSS 9.8fixed in 2.3.42020-03-25
CVE-2020-10964 [CRITICAL] CWE-434 CVE-2020-10964: Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the fi Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
nvd
CVE-2017-5609P3HIGHCVSS 8.8v2.0.52017-01-28
CVE-2017-5609 [HIGH] CWE-89 CVE-2017-5609: SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.
nvd
CVE-2023-31576P3HIGHCVSS 8.8v2.4.02023-05-16
CVE-2023-31576 [HIGH] CWE-434 CVE-2023-31576: An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrar An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file.
nvd
CVE-2024-58282P3HIGHCVSS 7.2v2.5.02025-12-10
CVE-2024-58282 [HIGH] CWE-434 CVE-2024-58282: Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administr Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a command execution form that enables arbitrary system command execution on the web server.
nvd
CVE-2011-1134P3CRITICALCVSS 9.8fixed in 1.5.52019-11-05
CVE-2011-1134 [CRITICAL] CWE-434 CVE-2011-1134: Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows rem Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.
nvd
CVE-2016-10082P3CRITICALCVSS 9.8≤ 2.0.52016-12-30
CVE-2016-10082 [CRITICAL] CWE-284 CVE-2016-10082: include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include() call in the bundled-libs/serendipity_generateFTPChecksums.php file.
nvd
CVE-2004-1620P4MEDIUMCVSS 5.0PoCv0.3v0.4+12 more2004-10-21
CVE-2004-1620 [MEDIUM] CVE-2004-1620: CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Re CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php.
nvd
CVE-2010-1916P3HIGHCVSS 7.5v0.3v0.4+31 more2010-05-12
CVE-2010-1916 [HIGH] CWE-264 CVE-2010-1916: The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serend The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) crafted backend_config_secret_key_location and backend_config_hash parameters that are used in a SHA1 hash of
nvd
CVE-2012-2331P4MEDIUMCVSS 4.3PoC≤ 1.6v0.3+33 more2012-08-13
CVE-2012-2331 [MEDIUM] CWE-79 CVE-2012-2331: Cross-site scripting (XSS) vulnerability in serendipity/serendipity_admin_image_selector.php in Sere Cross-site scripting (XSS) vulnerability in serendipity/serendipity_admin_image_selector.php in Serendipity before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the serendipity[textarea] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF).
nvd
CVE-2016-9752P3HIGHCVSS 8.6≤ 2.0.42016-12-01
CVE-2016-9752 [HIGH] CWE-918 CVE-2016-9752: In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address (e.g., http://127.1) or a 30x (aka Redirection) HTTP status code.
nvd
CVE-2026-39971P3HIGHCVSS 7.2fixed in 2.6.0v2.6.02026-04-15
CVE-2026-39971 [HIGH] CWE-113 CVE-2026-39971: Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending funct Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending functionality in include/functions.inc.php inserts $_SERVER['HTTP_HOST'] directly into the Message-ID SMTP header without validation, and the existing sanitization function serendipity_isResponseClean() is not called on HTTP_HOST before embedding it. An atta
ghsanvd
CVE-2012-2762P3HIGHCVSS 7.5≤ 1.6.1v0.3+33 more2012-06-07
CVE-2012-2762 [HIGH] CWE-89 CVE-2012-2762: SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remo SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.
nvd
CVE-2008-1385P4MEDIUMCVSS 4.3PoC≤ 1.3v0.3+25 more2008-04-23
CVE-2008-1385 [MEDIUM] CWE-79 CVE-2008-1385: Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity ( Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.
nvd
S9Y Serendipity vulnerabilities | cvebase