Description
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF).
Remediation
References
Related Vulnerabilities
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Request Forgery (4.3.24)
phpMyAdmin Improper Authentication Vulnerability (CVE-2018-12613)
Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)
MySQL CVE-2016-0606 Vulnerability (CVE-2016-0606)
Joomla Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-26038)