S9Y Serendipity 2.1

CPE Details

S9Y Serendipity 2.1
s9y
serendipity
2.1
2019-05-13
10h08 +00:00
2019-05-13
10h08 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:s9y:serendipity:2.1:-:*:*:*:*:*:*

Informations

Vendor

s9y

Product

serendipity

Version

2.1

Update

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-10964 2020-03-25 20h53 +00:00 Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
9.8
Critique
CVE-2019-11870 2019-05-09 19h25 +00:00 Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature.
6.1
Moyen