Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity (s9y) 1.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the media manager administration page.
References 11 Total
- securityfocus.com: 20061019 Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities mailing-list
- securityreason.com: 1771 third-party-advisory
- securityfocus.com: 20627 vdb-entry
- osvdb.org: 29893 vdb-entry
- http://www.hardened-php.net/advisory_112006.136.html
- exchange.xforce.ibmcloud.com: serendipity-admin-xss(29695) vdb-entry
- secunia.com: 22501 third-party-advisory
- securitytracker.com: 1017100 vdb-entry
- archives.neohapsis.com: 20061019 Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities mailing-list
- http://www.s9y.org/forums/viewtopic.php?t=7356
- vupen.com: ADV-2006-4135 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 11 Total
- securityfocus.com: 20061019 Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities mailing-listx_transferred
- securityreason.com: 1771 third-party-advisoryx_transferred
- securityfocus.com: 20627 vdb-entryx_transferred
- osvdb.org: 29893 vdb-entryx_transferred
- http://www.hardened-php.net/advisory_112006.136.html x_transferred
- exchange.xforce.ibmcloud.com: serendipity-admin-xss(29695) vdb-entryx_transferred
- secunia.com: 22501 third-party-advisoryx_transferred
- securitytracker.com: 1017100 vdb-entryx_transferred
- archives.neohapsis.com: 20061019 Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities mailing-listx_transferred
- http://www.s9y.org/forums/viewtopic.php?t=7356 x_transferred
- vupen.com: ADV-2006-4135 vdb-entryx_transferred