Description
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
Remediation
References
Related Vulnerabilities
WordPress Plugin WPFront User Role Editor Unspecified Vulnerability (2.14.1)
SharePoint CVE-2022-21837 Vulnerability (CVE-2022-21837)
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-2507)
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6212)