RSS   Vulnerabilities for 'Serendipity freetag-plugin'   RSS

2009-09-24
 
CVE-2009-3337

CWE-89
 

 
SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry.

 
2008-02-13
 
CVE-2008-0751

 

 
Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.

 

 >>> Vendor: S9Y 2 Products
Serendipity
Serendipity freetag-plugin


Copyright 2017, cxsecurity.com

 

Back to Top