SECURITY UPDATE: Serendipity 1.7.8 Update
High-Tech Bridge SA Security Research Lab discovered the Serendipity vulnerability. Attackers frequently use the flaw to launch SQL injection attacks.
SQL injection in Serendipity
Before the 1.1 input is used in a SQL query, it is first passed to comment.php via the “url” GET parameter which is not sanitized properly. Therefore, it allows individuals to manipulate SQL queries. Moreover, they can carry out manipulation by injecting arbitrary SQL code.
However, you can refer the following PoC (Proof of Concept) which demonstrates the vulnerability:
http://[host]/comment.php?
type=trackback&entry_id=1&url=%27%20OR%20mid%28version%28%29,1,1%29=5%20–%202
Then, successful exploitation of this vulnerability needs that “magic_quotes_gpc” to be off.
Solution:
Firstly, to solve this issue, we suggest you to upgrade to Serendipity 1.7.8
Furthermore, if you need more information, please visit :
and
Vulnerability Description:
The Serendipity back end is prone to a Cross-Site Scripting and SQL-Injection vulnerability.
Solution:
Firstly, to solve the problem, it is necessary to upgrade to version 1.7.8. To upgrade these scripts, go to your Control Panel -> Softaculous -> Installations.
Then, you can update the scripts.
For more informations, you can visit Serendipity 1.6.1 released
