CVE-2020-10964

  • Published Date: Wed 25 Mar 2020
  • Last Modified Date: Fri 27 Mar 2020

Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.