Description
The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files.
Remediation
References
Related Vulnerabilities
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4133)
WordPress Plugin WP Fastest Cache Multiple Vulnerabilities (0.8.5.8)
Zikula Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-4729)
WordPress Plugin External Media without Import Cross-Site Scripting (1.0.1)
WordPress Plugin User Role by BestWebSoft Cross-Site Scripting (1.5.5)