| VID |
21382 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Serendipity is vulnerable to a SQL Injection Vulnerability.
Serendipity is a Weblog/blog system used with PHP. Serendipity 0.7-beta1 and prior are vulnerable to a SQL Injection Vulnerability in the 'exit.php' and 'comment.php', caused by improper validating user-supplied input in the 'entry_id' parameter. By sending a specially crafted parameter value to inject SQL commands, a remote attacker could cause the embedded SQL command to be executed on the target system, including to add, modify or delete data in the backend database,
* References:
http://packetstormsecurity.org/0410-exploits/serendipityPoC.txt
http://www.osvdb.org/displayvuln.php?osvdb_id=10371
http://securitytracker.com/alerts/2004/Sep/1011448.html
* Platforms Affected:
s9y, Serendipity 0.7-beta1 and prior
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Serendipity (0.7-beta3 or later) fixed this issue, available from the SourceForge.net Web site at http://prdownloads.sourceforge.net/php-blog/serendipity-0.7-beta3.tar.gz?download |
| Related URL |
CVE-2004-2158 (CVE) |
| Related URL |
11269 (SecurityFocus) |
| Related URL |
17533 (ISS) |
|
