Description

SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters.

Remediation

References

CVE-2005-1134

Related Vulnerabilities

Ruby Improper Input Validation Vulnerability (CVE-2017-6181)

Zenphoto Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-0993)

Envoy Proxy Incomplete Cleanup Vulnerability (CVE-2023-35945)

TYPO3 Improper Input Validation Vulnerability (CVE-2010-4068)

PHP Other Vulnerability (CVE-2012-5381)

Severity

High

Classification

CVE-2005-1134

Tags

Missing Update Known Vulnerabilities