Description

SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.

Remediation

References

CVE-2012-2762

Related Vulnerabilities

WordPress Plugin Events Manager Pro CSV Injection (2.6.7.1)

MySQL CVE-2014-4260 Vulnerability (CVE-2014-4260)

Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28853)

WordPress Plugin Backlink Rechecker Multiple Cross-Site Scripting Vulnerabilities (1.2.1)

WordPress Plugin Token Manager 'tid' Parameter Multiple Cross-Site Scripting Vulnerabilities (1.0.2)

Severity

High

Classification

CVE-2012-2762 CWE-138

Tags

Missing Update Known Vulnerabilities