CVE-2012-2762

N/A Unknown

Published: June 07, 2012 Modified: April 29, 2026

Description

SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://blog.s9y.org/archives/241-Serendipity-1.6.2-released.html

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/49234

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/82036

Source: cve@mitre.org

http://www.securityfocus.com/bid/53620

Source: cve@mitre.org

http://www.securitytracker.com/id?1027079

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/75760

Source: cve@mitre.org

https://github.com/s9y/Serendipity/commit/87153991d06bc18fe4af05f97810487c4a340a92#diff-1

Source: cve@mitre.org

https://www.htbridge.com/advisory/HTB23092

Source: cve@mitre.org

http://blog.s9y.org/archives/241-Serendipity-1.6.2-released.html