CVE-2017-5609
NONE EPSS 72.9%
Published Jan 28, 20179y ago · Modified Jun 17, 20262w ago
Published Jan 28, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.
Threat Intelligence
EPSS Exploit Probability
72.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-89 SQL Injection Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| s9y | serendipity | 2.0.5 | any |
References 3
- securityfocus.com http://www.securityfocus.com/bid/95850
- github.com https://github.com/s9y/Serendipity/commit/c62d667287f2d76c81e03a740a581eb3c51249b6
- github.com https://github.com/s9y/Serendipity/releases/tag/2.1-rc1
Remediation
- github.com https://github.com/s9y/Serendipity/commit/c62d667287f2d76c81e03a740a581eb3c51249b6