CVE-2017-5609

NONE EPSS 72.9%
Published Jan 28, 20179y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jan 28, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.

Threat Intelligence

EPSS Exploit Probability
72.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-89 SQL Injection Injection

Affected Products 1

VendorProductVersionRange
s9yserendipity2.0.5any

References 3

  • securityfocus.com http://www.securityfocus.com/bid/95850
    Third Party AdvisoryVDB Entry
  • github.com https://github.com/s9y/Serendipity/commit/c62d667287f2d76c81e03a740a581eb3c51249b6
    Issue TrackingPatchThird Party Advisory
  • github.com https://github.com/s9y/Serendipity/releases/tag/2.1-rc1
    Release NotesThird Party Advisory

Remediation

  • github.com https://github.com/s9y/Serendipity/commit/c62d667287f2d76c81e03a740a581eb3c51249b6
    Issue TrackingPatchThird Party Advisory