CVE-2016-10752

EUVD-2016-1746
serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
Affected Products (NVD)
VendorProductVersion
s9yserendipity
2.0.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
serendipity
bionic
dne
cosmic
dne
disco
dne
trusty
dne
xenial
dne
Common Weakness Enumeration
References
https://blog.ripstech.com/2016/serendipity-from-file-upload-to-code-execution/
https://demo.ripstech.com/projects/serendipity_2.0.3
https://blog.ripstech.com/2016/serendipity-from-file-upload-to-code-execution/
https://demo.ripstech.com/projects/serendipity_2.0.3