Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.52735
Category:CGI abuses : XSS
Title:S9Y Serendipity Exit.PHP HTTP Response Splitting
Summary:NOSUMMARY
Description:Description:

The remote version of Serendipity, according to its version
number, is vulnerable to an HTTP response splitting vulnerability
in 'Exit.PHP' which allows remote attackers to perform cross site
scripting attacks.

Versions 0.7-beta4 and earlier are known to be vulnerable.

Solution : Upgrade to 0.7 or later.

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: BugTraq ID: 11497
Common Vulnerability Exposure (CVE) ID: CVE-2004-1620
http://www.securityfocus.com/bid/11497
Bugtraq: 20041021 HTTP Response Splitting in Serendipity 0.7-beta4 (Google Search)
http://marc.info/?l=bugtraq&m=109841283115808&w=2
http://www.osvdb.org/11013
http://www.osvdb.org/11038
http://www.osvdb.org/11039
http://securitytracker.com/id?1011864
http://secunia.com/advisories/12909/
XForce ISS Database: serendipity-response-splitting(17798)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17798
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.