CVE-2007-4282

CVE-2007-4282 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The "Extended properties for entries" (entryproperties) plugin in serendipity_event_entryproperties.php in Serendipity 1.1.3 allows remote authenticated users to bypass password protection and "deliver custom entryproperties settings to the Serendipity Frontend" via a certain request that modifies the password being checked.

Learn more about our User Device Pen Test.