CVE-2004-2158

SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php.

Date published : 2005-07-10

http://www.securityfocus.com/bid/11269

http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026955.html