Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
geeklog geeklog 2 vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2002-0962
Cross-site scripting vulnerabilities in GeekLog 1.3.5 and previous versions allow remote malicious users to execute arbitrary script via (1) the url variable in the Link field of a calendar event, (2) the topic parameter in index.php, or (3) the title parameter in comment.php.
Geeklog Geeklog
2 EDB exploits
383
VMScore
CVE-2011-4647
Multiple cross-site scripting (XSS) vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) code or (2) raw BBcode tags.
Geeklog Geeklog 1.8.0
450
VMScore
CVE-2003-1347
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
Geeklog Geeklog 1.3.7
4 EDB exploits
383
VMScore
CVE-2016-4849
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog IVYWE edition 2.1.1 allow remote malicious users to inject arbitrary web script or HTML by leveraging use of the COM_getCurrentURL function in (1) public_html/layout/default/header.thtml, (2) public_html/layout/bento/...
Geeklog Project Geeklog 2.1.1
383
VMScore
CVE-2008-3316
Cross-site scripting (XSS) vulnerability in the search feature in the Forum plugin prior to 2.7.1 for Geeklog allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, probably related to (1) public_html/index.php, (2) config.php, and (3) funct...
Portalparts Forum Plugin
Portalparts Forum Plugin 2.3.1
383
VMScore
CVE-2016-4875
Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) Assist plugin prior to 1.1.2.test20160906, (2) dataBox plugin prior to 0.0.0.20160906, and (3) userBox plugin prior to 0.0.0.20160906 for Geeklog allow remote malicious users to inject arbitrary web script or HT...
Databox Project Databox Plugin
Userbox Project Userbox Plugin
Assist Project Assist Plugin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2