The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Serendipity | S9y | 0.4 | 0.4 |
Serendipity | S9y | 0.7 | 0.7 |
Serendipity | S9y | 0.7_beta1 | 0.7_beta1 |
Serendipity | S9y | 0.8_beta_6 | 0.8_beta_6 |
Serendipity | S9y | 0.7.1 | 0.7.1 |
Serendipity | S9y | 0.5_pl1 | 0.5_pl1 |
Serendipity | S9y | 0.7_beta3 | 0.7_beta3 |
Serendipity | S9y | 0.7_beta4 | 0.7_beta4 |
Serendipity | S9y | 0.8_beta_5 | 0.8_beta_5 |
Serendipity | S9y | 0.3 | 0.3 |
Serendipity | S9y | 0.6_pl3 | 0.6_pl3 |
Serendipity | S9y | 0.7_beta2 | 0.7_beta2 |
Serendipity | S9y | 0.7_rc1 | 0.7_rc1 |