BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability May 08 2012 06:13PM
security koramis de
Advisory: Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability
Advisory ID: KORAMIS-ADV2012-001
Contact: security (at) koramis (dot) de [email concealed]
Author: Stefan Schurtz
Affected Software: Successfully tested on Serendipity 1.6
Vendor URL: http://www.s9y.org
Vendor Status: fixed

==========...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus