CVE Vulnerabilities

CVE-2007-4282

Published: Aug 09, 2007 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

The Extended properties for entries (entryproperties) plugin in serendipity_event_entryproperties.php in Serendipity 1.1.3 allows remote authenticated users to bypass password protection and deliver custom entryproperties settings to the Serendipity Frontend via a certain request that modifies the password being checked.

Affected Software

Name Vendor Start Version End Version
Serendipity Serendipity 1.1.3 (including) 1.1.3 (including)
Serendipity Ubuntu feisty *

References