Google Search: inurl:”comment.php?serendipity”
cybercide rates this entry 6 out of 10.
Submitted: 2004-10-05 00:00:00
Added by: cybercide
serendipity is a weblog/blog system, implemented with PHP. It is standards compliant, feature rich and open source.For an attacker it is possible to inject SQL commands.http://www.securityfocus.com/bid/11269/discussion/