vendor:
Serendipity
by:
Stefan Schurtz
7,5
CVSS
HIGH
Stored-XSS, SQL-Injection, Reflected XSS_1, Reflected XSS_2, Reflected XSS_3
89, 89, 79, 79, 79
CWE
Product Name: Serendipity
Affected Version From: Serendipity 1.7.5
Affected Version To: Serendipity 1.7.5
Patch Exists: YES
Related CWE: N/A
CPE: a:s9y:serendipity:1.7.5
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2014
Serendipity 1.7.5 (Backend) – Multiple security vulnerabilities
The Serendipity 1.7.5 backend is prone to multiple security vulnerabilities. Stored-XSS can be executed by setting the 'Real name' field to a malicious script. SQL-Injection can be executed by sending a malicious payload to the 'serendipity[install_plugin]' parameter. Reflected XSS_1, Reflected XSS_2 and Reflected XSS_3 can be executed by sending malicious payloads to the 'serendipity[install_plugin]', 'serendipity[id]' and 'serendipity[timestamp]' parameters respectively.
Mitigation:
Upgrade to the latest version of Serendipity
