Security Advisory
CVE-2023-53933
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with a .phar extension. Attackers can upload files containing system command payloads to the media upload endpoint and then execute arbitrary commands on the server.
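For defenders checking an installation for the condition described above, the following added example (not code from Serendipity or from this advisory) audits a media upload directory for files a PHP handler might execute. The directory is supplied by the caller, and the extension list, the `audit_uploads` name and the sample files are assumptions made for illustration.

```python
import os
import tempfile

# Assumption: extensions that common web server setups hand to the PHP
# interpreter. Adjust to match the handler mappings on your own server.
PHP_EXTS = {"php", "php3", "php4", "php5", "php7", "pht", "phtml", "phps", "phar"}
PHP_MARKER = b"<?php"


def audit_uploads(root):
    """Return sorted (relative_path, reason) findings under a media upload dir."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            # Check every dot-separated segment, so "x.phar.jpg" and "X.PHAR"
            # are flagged as well as a plain "x.phar". Trailing dots are stripped.
            segments = name.lower().rstrip(". ").split(".")[1:]
            hits = sorted(set(segments) & PHP_EXTS)
            if hits:
                findings.append((rel, "extension:" + ",".join(hits)))
                continue
            # Media files should not carry a PHP open tag; read only the head.
            with open(path, "rb") as fh:
                head = fh.read(4096)
            if PHP_MARKER in head.lower():
                findings.append((rel, "php-open-tag"))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data: harmless placeholder files, no real payloads."""
    samples = {
        "photo.jpg": b"\xff\xd8\xff\xe0 constructed jpeg bytes",
        "report.PHAR": b"placeholder",
        "2023/banner.phar.png": b"placeholder",
        "notes.txt": b"<?php /* constructed marker only */",
    }
    for rel, data in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in audit_uploads(tmp):
            print(f"{reason:20} {rel}")
```

A finding is a prompt for review rather than proof of compromise; whether a flagged file can actually run depends on how the web server maps extensions in that directory.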