Description
SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Events Manager Pro CSV Injection (2.6.7.1)
MySQL CVE-2014-4260 Vulnerability (CVE-2014-4260)
WordPress Plugin Backlink Rechecker Multiple Cross-Site Scripting Vulnerabilities (1.2.1)
WordPress Plugin Token Manager 'tid' Parameter Multiple Cross-Site Scripting Vulnerabilities (1.0.2)