Casbay Knowledge Base

Search our articles or browse by category below

SECURITY UPDATE: Serendipity 1.7.8 Update

Last modified: October 1, 2022
Estimated reading time: 1 min

SECURITY UPDATE: Serendipity 1.7.8 Update

The Serendipity vulnerability was found by High-Tech Bridge SA Security Research Lab. Attackers often use the vulnerability to perform SQL injection attacks. 

So, here is the issue happen in Serebdupity 1.7.8 Update:

SQL injection in Serendipity

Before the 1.1 input is used in a SQL query, it is first passed to comment.php via the “url” GET parameter which is not sanitized properly. Therefore, it allows individuals to manipulate SQL queries. Moreover, they can carry out manipulation by injecting arbitrary SQL code.

However, you can refer the following PoC (Proof of Concept) which demonstrates the vulnerability:

http://[host]/comment.php?

type=trackback&entry_id=1&url=%27%20OR%20mid%28version%28%29,1,1%29=5%20–%202

Then, successful exploitation of this vulnerability needs that “magic_quotes_gpc” to be off.

Solution:

Firstly, to solve this issue, we suggest you to upgrade to Serendipity 1.7.8

Furthermore, if you need more information, please visit :

and

**************************************************************************************************

Vulnerability Description:

The Serendipity back end is prone to a Cross-Site Scripting and SQL-Injection vulnerability.

Solution:

Firstly, to solve the problem, it is necessary to upgrade to version 1.7.8. To upgrade these scripts, go to your Control Panel -> Softaculous -> Installations.

Then, you can update the scripts.

Credits:

For your information, the vulnerabilities is found and advisory is written by Stefan Schurtz (KORAMIS Security Team).

Reference:

Now you have just learned the solution to solve the vulnerabilities in Serendipity 1.7.8. After all, if you feel like reading more articles about CMS (Content Management System), please visit our Knowledge Base.

Was this article helpful?
Dislike 0
Previous: HOW TO: Edit your profile in WordPress
Next: What is a Canonical tag?