Back to search
CVE-2016-10082
Published: Dec 30, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include() call in the bundled-libs/serendipity_generateFTPChecksums.php file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
95165
vdb-entry
x_refsource_BID
https://github.com/s9y/Serendipity/issues/433
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now