Unrestricted file upload vulnerability in Serendipity before 1.5 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in an unspecified directory. NOTE: some of these details are obtained from third party information.
CPE | Name | Operator | Version |
---|---|---|---|
serendipity | eq | 0.5 | |
serendipity | eq | 1.0.3 | |
serendipity | eq | 1.3 | |
serendipity | eq | 1.1.4 | |
serendipity | eq | 0.4 | |
serendipity | eq | 0.8.5 | |
serendipity | eq | 0.7 | |
serendipity | eq | 1.1.2 | |
serendipity | eq | 1.0.4 | |
serendipity | eq | 0.8.3 |