Vulnerabilities

CVE-2007-4282

by Fred · 09/08/2007

The "Extended properties for entries" (entryproperties) plugin in serendipity_event_entryproperties.php in Serendipity 1.1.3 allows remote authenticated users to bypass password protection and "deliver custom entryproperties settings to the Serendipity Frontend" via a certain request that modifies the password being checked.

Date published : 2007-08-09

http://www.securityfocus.com/bid/25235

http://blog.s9y.org/archives/178-Serendipity-1.1.4-released,-security-bug-in-entryproperties-plugin.html

Similar

Tags: Cybersecurity Alert