Description
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.
Remediation
References
Related Vulnerabilities
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0464)
Moodle Improper Input Validation Vulnerability (CVE-2022-35650)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1607)
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.23.2)