Security Advisories | Entries from May 2011

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170
Skip to content

SSCHADV2011-004 - Cross-Site Scripting vulnerability in Serendipity Plugin "serendipity_event_freetag"

Posted by on Monday, May 30. 2011

Advisory:	XSS vulnerability in Serendipity Plugin "serendipity_event_freetag"
Advisory ID:	SSCHADV2011-004
Author:	Stefan Schurtz
Affected Software:	Successfully tested on: serendipity_event_freetag – version 3.21
Vendor URL:	http://www.s9y.org
Vendor Status:	Version 3.22 – Fix possible XSS
CVE-ID:	-

======================
Vulnerability Description:
======================

This is a Cross-Site Scripting vulnerability

==============
Technical Details:
==============

Continue reading "SSCHADV2011-004 - Cross-Site Scripting vulnerability in Serendipity Plugin "serendipity_event_freetag""

Sidebar

Calendar

Werbung

Exploit-DB updates by Offensive Security

[webapps] Pluck 4.7.7-dev2 - PHP Code Execution

Monday, December 8. 2025

[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)

Wednesday, December 3. 2025

[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF)

Wednesday, December 3. 2025

[webapps] MaNGOSWebV4 4.0.6 - Reflected XSS

Wednesday, December 3. 2025

[webapps] Django 5.1.13 - SQL Injection

Wednesday, December 3. 2025

OpenBSD Journal

The story of Propolice, the OpenBSD stack protector

Friday, December 12. 2025

The rpki-client project needs financial support

Wednesday, November 19. 2025

Transition to support for 52 partitions

Friday, November 14. 2025

Source and state limiters introduced in pf

Wednesday, November 12. 2025

Big news for small /usr partitions

Wednesday, November 12. 2025

In -current, chromium (and derivatives) gain VA-API support

Tuesday, November 4. 2025

OpenSMTPD 7.8.0p0 released

Sunday, November 2. 2025

LibreSSL 4.1.2 and 4.2.1 released

Sunday, November 2. 2025

Enable BPF filtering on sockets

Thursday, October 30. 2025

Archives

Blog Administration

Open login screen

Imprint | Contact | Privacy Statement

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170