WEB APPLICATION VULNERABILITIES Standard & Premium

Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000129)

Description

Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure

Remediation

References

CVE-2017-1000129

Related Vulnerabilities

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-31549)

Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5495)

WordPress Plugin Media Library Assistant SQL Injection (3.05)

Apache Tomcat CVE-2023-34981 Vulnerability (CVE-2023-34981)

Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3704)

Severity

High

Classification

CVE-2017-1000129 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities