Security Advisory

CVE-2012-2332

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-08-13 23:00:00

Last updated 2024-09-17 02:52:09

Assigner redhat

State PUBLISHED

Description

SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF).

← Browse all CVEs View on cve.org ↗