Description
The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files.
Remediation
References
Related Vulnerabilities
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15081)
WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress Security Bypass (2.4)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42130)