Serendipity · Serendipity Event Freetag · CVE-2009-3337
**Name of the Vulnerable Software and Affected Versions**
Serendipity (S9Y) plugin serendipity event freetag versions prior to 3.09
**Description**
A SQL injection issue allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry.
**Recommendations**
For versions prior to 3.09, update to version 3.09 or later to resolve the issue.