Description
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.
Remediation
References
Related Vulnerabilities
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-5459)
Oracle Database Server CVE-2006-3702 Vulnerability (CVE-2006-3702)
Apache HTTP Server Other Vulnerability (CVE-2004-0263)
WordPress Plugin Arigato Autoresponder and Newsletter Cross-Site Scripting (2.3.1)