Security Bypass in Serendipity Entry Properties Plugin
CVE-2007-4282

Currently unrated

Key Information:

Vendor

Serendipity

Status
Serendipity
Vendor
CVE Published:
9 August 2007

What is CVE-2007-4282?

The Entry Properties Plugin for Serendipity versions prior to 1.1.4 has a security flaw that permits remote authenticated users to circumvent password protection mechanisms. By crafting a specific request that alters the password validation process, attackers can alter the settings of entry properties, subsequently affecting what is delivered to the Serendipity Frontend. This vulnerability exposes users to the risk of unauthorized access to sensitive configuration settings.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/25235
vdb-entryx_refsource_BID
http://blog.drinsama.de/erich/en/security/2007080801-secu...
x_refsource_MISC
http://secunia.com/advisories/26347
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.