
Products

1 vendor

Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity
(vendor name missing from page) | 2 | 61 | 0 | 75.5% | CRITICAL

Related CVEs

61 CVEs (the 20 listed below are sorted by publication date, newest first; the KEV column is empty for every entry shown)

CVE-2026-39971 | Severity: HIGH | CVSS 7.2 | KEV: no | EPSS 16.7% | Published Apr 15, 2026
Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email-sending functionality in include/functions.inc.php inserts $_SERVER['HTTP_HOST'] directly into the Message-ID mail header without validation, and the existing sanitization function serendipity_isResponseClean() is not called on HTTP_HOST before embedding it. An attacker who can control the Host header during an email-triggering action, such as comment notifications or subscription emails, can inject arbitrary headers into outgoing emails. This enables identity spoofing, reply hijacking via manipulated Message-ID threading, and email reputation abuse through the attacker's domain being embedded in legitimate mail headers. This issue has been fixed in version 2.6.0.

CVE-2026-39963 | Severity: MEDIUM | CVSS 6.9 | KEV: no | EPSS 13.0% | Published Apr 15, 2026
Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the serendipity_setCookie() function in include/functions_config.inc.php uses $_SERVER['HTTP_HOST'] without validation as the domain parameter of setcookie(). An attacker who can influence the Host header at login time, such as via MITM, reverse proxy misconfiguration, or load balancer manipulation, can force authentication cookies, including session tokens and auto-login tokens, to be scoped to an attacker-controlled domain. This enables session fixation, token leakage to attacker-controlled infrastructure, and privilege escalation if an admin logs in under a poisoned Host header. This issue has been fixed in version 2.6.0.

CVE-2023-53933 | Severity: HIGH | CVSS 8.7 | KEV: no | EPSS 54.4% | Published Dec 17, 2025
Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with a .phar extension. Attackers can upload files with system command payloads to the media upload endpoint and execute arbitrary commands on the server.

CVE-2023-53932 | Severity: MEDIUM | CVSS 5.1 | KEV: no | EPSS 10.5% | Published Dec 17, 2025
Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that execute when other users view the compromised blog post.

CVE-2024-58282 | Severity: HIGH | CVSS 8.6 | KEV: no | EPSS 53.9% | Published Dec 10, 2025
Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by uploading a PHP shell with a command execution form that enables arbitrary system command execution on the web server.

CVE-2023-31576 | Severity: HIGH | CVSS 8.8 | KEV: no | EPSS 60.4% | Published May 16, 2023
An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or JavaScript file.

CVE-2020-10964 | Severity: CRITICAL | CVSS 9.8 | KEV: no | EPSS 84.6% | Published Mar 25, 2020
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.

CVE-2011-3610 | Severity: MEDIUM | CVSS 6.1 | KEV: no | EPSS 65.0% | Published Jan 22, 2020
A cross-site scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf.

CVE-2011-4090 | Severity: MEDIUM | CVSS 6.1 | KEV: no | EPSS 86.2% | Published Nov 26, 2019
Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.

CVE-2011-1135 | Severity: MEDIUM | CVSS 6.1 | KEV: no | EPSS 75.5% | Published Nov 5, 2019
Cross-site scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php.

CVE-2011-1134 | Severity: CRITICAL | CVSS 9.8 | KEV: no | EPSS 85.9% | Published Nov 5, 2019
Cross-site scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.

CVE-2011-1133 | Severity: MEDIUM | CVSS 6.1 | KEV: no | EPSS 75.5% | Published Nov 5, 2019
Cross-site scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php.

CVE-2016-10752 | Severity: NONE | CVSS: not scored | KEV: no | EPSS 81.6% | Published May 24, 2019
serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.

CVE-2019-11870 | Severity: NONE | CVSS: not scored | KEV: no | EPSS 66.7% | Published May 9, 2019
Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature.

CVE-2016-10737 | Severity: NONE | CVSS: not scored | KEV: no | EPSS 45.2% | Published Jan 16, 2019
Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.

CVE-2017-1000129 | Severity: NONE | CVSS: not scored | KEV: no | EPSS 63.0% | Published Nov 17, 2017
Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component, resulting in information disclosure.

CVE-2017-8102 | Severity: NONE | CVSS: not scored | KEV: no | EPSS 53.9% | Published Apr 24, 2017
Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin's cookie and other information by composing a new entry as an editor user. This is related to the lack of the serendipity_event_xsstrust plugin and a set_config error in that plugin.

CVE-2017-8101 | Severity: NONE | CVSS: not scored | KEV: no | EPSS 44.5% | Published Apr 24, 2017
There is CSRF in Serendipity 2.0.5, allowing attackers to install any theme via a GET request.

CVE-2017-5609 | Severity: NONE | CVSS: not scored | KEV: no | EPSS 72.9% | Published Jan 28, 2017
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.

CVE-2017-5476 | Severity: NONE | CVSS: not scored | KEV: no | EPSS 48.0% | Published Jan 14, 2017
Serendipity through 2.0.5 allows CSRF for the installation of an event plugin or a sidebar plugin.
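The two newest entries in the list, CVE-2026-39971 and CVE-2026-39963, share one root cause: the request's Host header is trusted as if it were the server's own name, once inside a mail header and once as a cookie domain. The PHP below is an added example written for this page, not Serendipity's code and not its fix; it shows both vulnerable patterns beside a hardened form that resolves the host from configuration instead of from the request. The $config array, the trusted_host() helper and the other function names are hypothetical, and the request arrays are constructed.

```php
<?php
// Added example, not Serendipity code. Illustrates the pattern behind
// CVE-2026-39971 (Host header copied into a Message-ID) and CVE-2026-39963
// (Host header used as the setcookie() domain) and one way to harden both.
// Everything named here is hypothetical: $config, trusted_host(), and the
// message_id_*/cookie_domain_* functions.

declare(strict_types=1);

// Hypothetical application configuration: the canonical hostnames the blog is
// served from. A real application would load this from its config file.
$config = ['trusted_hosts' => ['blog.example.org', 'www.blog.example.org']];

// Vulnerable pattern: the client-controlled Host header goes straight into a
// mail header. A value containing CR/LF ends the Message-ID line, and whatever
// follows is parsed as additional headers.
function message_id_vulnerable(array $server): string
{
    return '<' . uniqid('', true) . '@' . $server['HTTP_HOST'] . '>';
}

// Hardened: compare the request's Host against an allowlist and fall back to
// the canonical name on any mismatch. Rejecting the request with HTTP 400 is
// the stricter alternative and is usually preferable for login flows.
function trusted_host(array $server, array $config): string
{
    $host = $server['HTTP_HOST'] ?? '';
    // Drop an explicit port before comparing; the comparison itself is exact.
    $bare = strtolower(preg_replace('/:\d+$/', '', $host));
    if (!in_array($bare, $config['trusted_hosts'], true)) {
        return $config['trusted_hosts'][0];
    }
    return $bare;
}

function message_id_hardened(array $server, array $config): string
{
    $host = trusted_host($server, $config);
    // Defence in depth: a Message-ID must never contain CR, LF or whitespace,
    // even if the allowlist is later misconfigured.
    if (preg_match('/[\r\n\s]/', $host)) {
        throw new RuntimeException('refusing to build Message-ID from unsafe host');
    }
    return '<' . uniqid('', true) . '@' . $host . '>';
}

// Vulnerable cookie scoping: whatever domain the client named.
function cookie_domain_vulnerable(array $server): string
{
    return $server['HTTP_HOST'];
}

// Hardened cookie scoping: the allowlisted host, with any port removed
// (a Domain attribute never carries a port).
function cookie_domain_hardened(array $server, array $config): string
{
    return trusted_host($server, $config);
}

// Constructed requests: one Host header carrying a CRLF, one naming a foreign domain.
$injected = ['HTTP_HOST' => "blog.example.org\r\nX-Injected: 1"];
$foreign  = ['HTTP_HOST' => 'attacker.example.net'];

echo message_id_vulnerable($injected), "\n";         // X-Injected line ends up in the mail
echo message_id_hardened($injected, $config), "\n";  // <...@blog.example.org>
echo cookie_domain_vulnerable($foreign), "\n";       // attacker.example.net
echo cookie_domain_hardened($foreign, $config), "\n"; // blog.example.org
```

Note that $_SERVER['SERVER_NAME'] is not a safe substitute for HTTP_HOST on its own: under Apache it reflects the Host header unless UseCanonicalName is On, so the allowlist (or a fixed configured hostname) is what actually removes the client from the decision.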
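Three of the upload-to-RCE entries above describe the same weakness from different angles: CVE-2023-53933 (a .phar extension accepted), CVE-2016-10752 (an extensionless name such as "php" that later gains an extension during a rename) and CVE-2020-10964 (a name ending in a dot, which Windows silently strips, so "x.php." is stored as "x.php"). The helper below is an added example for this page, not Serendipity's code and not its fix; it shows an allowlist-based filename policy that rejects all three cases and never writes the client-supplied name to disk. The function name, the extension list and the sample filenames are assumptions.

```php
<?php
// Added example, not Serendipity code. A hypothetical storage-name policy for
// media uploads that refuses the inputs behind CVE-2023-53933, CVE-2016-10752
// and CVE-2020-10964 instead of trying to repair them. ALLOWED_MEDIA_EXT and
// safe_media_filename() are assumptions made for this example.

declare(strict_types=1);

// Only these extensions are ever written to the media directory. Anything
// else, including php, phtml, phar and htaccess, is refused rather than
// renamed, because renaming is where the three listed bugs lived.
const ALLOWED_MEDIA_EXT = ['jpg', 'jpeg', 'png', 'gif', 'webp', 'pdf', 'txt'];

/**
 * Return a storage-safe filename, or null if the upload must be rejected.
 * The result is a server-generated stem plus a verified extension, so no part
 * of the client-controlled name reaches the filesystem.
 */
function safe_media_filename(string $clientName): ?string
{
    // Keep only the last path component; a client can send "../x" as the name.
    $base = basename(str_replace('\\', '/', $clientName));

    // Windows drops trailing dots and spaces when creating a file, turning
    // "shell.php." into "shell.php". Normalise before examining the name.
    $base = rtrim($base, ". ");

    // An extensionless name ("php") is rejected outright, not accepted and
    // given an extension later.
    if ($base === '' || strpos($base, '.') === false) {
        return null;
    }

    // Judge the LAST extension only; "cat.png.php" must be judged on "php".
    $ext = strtolower(pathinfo($base, PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, ALLOWED_MEDIA_EXT, true)) {
        return null;
    }

    // Server-generated stem: the client's stem is discarded entirely.
    return bin2hex(random_bytes(8)) . '.' . $ext;
}

// Constructed inputs mirroring the three CVE descriptions, plus one legitimate upload.
foreach (['shell.phar', 'php', 'shell.php.', 'cat.png.php', 'holiday.jpg'] as $name) {
    $out = safe_media_filename($name);
    printf("%-12s -> %s\n", $name, $out === null ? 'REJECTED' : $out);
}
```

An extension allowlist only controls what the web server will execute directly; it does not stop a polyglot image from being pulled in through a separate include vulnerability, so the media directory should additionally be served with script execution disabled (or from outside the document root) regardless of how the names are chosen.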