CVE-2023-53933 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension. Attacke…
High CVSS: 8.7

CVE-2023-53933

Serendipity 2.4.0 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension. Attackers can upload files with system command payloads to the media upload endpoint and execute arbitrary commands on the server.
Vendor
S9y
Product
Serendipity
CWE
CWE-434
Yayın Tarihi
2025-12-17 23:15:52
Güncelleme
2025-12-24 16:52:17
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-434 Serendipity HIGH S9y 2025

Referanslar

https://docs.s9y.org/ https://www.exploit-db.com/exploits/51372 https://www.vulncheck.com/advisories/serendipity-authenticated-remote-code-execution-via-file-upload https://www.exploit-db.com/exploits/51372