Serendipity <= 1.0-beta2 Blog Configuration PHP Code Injection
High Nessus Network Monitor Plugin ID 3518
SynopsisThe remote host is vulnerable to a Script Injection attack.
DescriptionThe remote host is running Serendipity, an open-source web log application. This version of Serendipity is vulnerable to a flaw where a remote attack can upload and execute PHP scripts with the rights of the web server. Successful exploitation may lead to partial loss of confidentiality, integrity, and availability.
SolutionNo solution is known at this time.