Description
Unrestricted file upload vulnerability in Serendipity before 1.5 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in an unspecified directory. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2012-1746 Vulnerability (CVE-2012-1746)
Apache Tomcat Unprotected Transport of Credentials Vulnerability (CVE-2023-28708)
WordPress Plugin job-portal Cross-Site Scripting (0.0.1)
WordPress Plugin 301 Redirects-Easy Redirect Manager SQL Injection (2.50)
PHP Improper Certificate Validation Vulnerability (CVE-2015-3152)