CVE-2012-2762

SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.

Date published : 2012-06-07

http://www.securityfocus.com/bid/53620

http://blog.s9y.org/archives/241-Serendipity-1.6.2-released.html