1
1
Candidate: CVE-2006-6242
4
Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and
5
earlier allow remote attackers to read or include arbitrary local files via
6
a .. (dot dot) sequence in the serendipity[charset] parameter in (1)
7
include/lang.inc.php; or to plugins/ scripts (2)
8
serendipity_event_bbcode/serendipity_event_bbcode.php, (3)
9
serendipity_event_browsercompatibility/serendipity_event_browsercompatibility.php,
10
(4) serendipity_event_contentrewrite/serendipity_event_contentrewrite.php,
12
serendipity_event_creativecommons/serendipity_event_creativecommons.php,
13
(6) serendipity_event_emoticate/serendipity_event_emoticate.php, (7)
14
serendipity_event_entryproperties/serendipity_event_entryproperties.php,
15
(8) serendipity_event_karma/serendipity_event_karma.php, (9)
16
serendipity_event_livesearch/serendipity_event_livesearch.php, (10)
17
serendipity_event_mailer/serendipity_event_mailer.php, (11)
18
serendipity_event_nl2br/serendipity_event_nl2br.php, (12)
19
serendipity_event_s9ymarkup/serendipity_event_s9ymarkup.php, (13)
20
serendipity_event_searchhighlight/serendipity_event_searchhighlight.php,
21
(14) serendipity_event_spamblock/serendipity_event_spamblock.php, (15)
22
serendipity_event_spartacus/serendipity_event_spartacus.php, (16)
23
serendipity_event_statistics/serendipity_plugin_statistics.php, (17)
24
serendipity_event_templatechooser/serendipity_event_templatechooser.php,
25
(18) serendipity_event_textile/serendipity_event_textile.php, (19)
26
serendipity_event_textwiki/serendipity_event_textwiki.php, (20)
27
serendipity_event_trackexits/serendipity_event_trackexits.php, (21)
28
serendipity_event_weblogping/serendipity_event_weblogping.php, (22)
29
serendipity_event_xhtmlcleanup/serendipity_event_xhtmlcleanup.php, (23)
30
serendipity_plugin_comments/serendipity_plugin_comments.php, (24)
31
serendipity_plugin_creativecommons/serendipity_plugin_creativecommons.php,
32
(25) serendipity_plugin_entrylinks/serendipity_plugin_entrylinks.php, (26)
33
serendipity_plugin_eventwrapper/serendipity_plugin_eventwrapper.php, (27)
34
serendipity_plugin_history/serendipity_plugin_history.php, (28)
35
serendipity_plugin_recententries/serendipity_plugin_recententries.php, (29)
36
serendipity_plugin_remoterss/serendipity_plugin_remoterss.php, (30)
37
serendipity_plugin_shoutbox/serendipity_plugin_shoutbox.php, and and (31)
38
serendipity_plugin_templatedropdown/serendipity_plugin_templatedropdown.php.
added
removed
retired/CVE-2006-6242
