Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in Serendipity before 1.5 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in an unspecified directory. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
S9Y Serendipity 非限制文件上载漏洞
Vulnerability Description
Serendipity中存在非限制文件上载漏洞,远程验证用户可以将诶在上载一个拥有安全扩展名后的可执行扩展名的文件执行任意代码,并通过一个对未明目录中的文件的直接请求获得它。
CVSS Information
N/A
Vulnerability Type
N/A