Unrated severityNVD Advisory· Published Aug 13, 2012· Updated Jun 16, 2026
CVE-2012-2332
CVE-2012-2332
Description
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.6.1
- Range: <1.6.1
Patches
Vulnerability mechanics
References
7- www.koramis.com/advisories/2012/KORAMIS-ADV2012-001.txtnvdExploit
- www.rul3z.de/index.phpnvdExploit
- www.securityfocus.com/bid/53418nvdExploit
- archives.neohapsis.com/archives/bugtraq/2012-05/0037.htmlnvd
- blog.s9y.org/archives/240-Serendipity-1.6.1-released.htmlnvd
- www.openwall.com/lists/oss-security/2012/05/08/6nvd
- www.openwall.com/lists/oss-security/2012/05/09/2nvd
News mentions
0No linked articles in our index yet.