S9y ≫ Serendipity

An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file.

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.

Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php.

Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.

Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php.

serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.

Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature.

Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.

Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure