Summary:
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
Published:
Wednesday, March 25, 2020 - 22:15
cvss:
5.0