Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
geeklog vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-46058
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the grp_desc parameter of the admin/group.php component.
Geeklog Geeklog 2.2.2
NA
CVE-2023-46059
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component.
Geeklog Geeklog 2.2.2
NA
CVE-2023-37786
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Mail Settings[backend], Mail Settings[host], Mail Settings[port] and Mail Settings[auth] parameters of the ...
Geeklog Geeklog 2.2.2
NA
CVE-2023-37787
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php.
Geeklog Geeklog 2.2.2
4.3
CVSSv2
CVE-2003-1347
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
Geeklog Geeklog 1.3.7
4 EDB exploits
7.5
CVSSv2
CVE-2002-0097
Geeklog 1.3 allows remote malicious users to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.
Geeklog Geeklog 1.3
7.2
CVSSv2
CVE-2002-0096
The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privileges that were not intend...
Geeklog Geeklog 1.3
7.5
CVSSv2
CVE-2010-4933
SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Geeklog Geeklog 1.3.8
1 EDB exploit
7.5
CVSSv2
CVE-2007-0810
PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the glConf[path_libraries] parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerabi...
Geeklog Geeklog 2
1 EDB exploit
4.3
CVSSv2
CVE-2009-3021
Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' plugin 2.0.0 up to and including 2.0.6, as used in the Japanese extended package of Geeklog 1.5.0 up to and including 1.5.2 and when distributed 20090629 or earlier, allows remote malicious users to inj...
Yoshinori Tahara Mycaljp 2.0.1
Yoshinori Tahara Mycaljp 2.0.2
Yoshinori Tahara Mycaljp 2.0.3
Yoshinori Tahara Mycaljp 2.0.4
Yoshinori Tahara Mycaljp 2.0.0
Yoshinori Tahara Mycaljp 2.0.5
Yoshinori Tahara Mycaljp 2.0.6
Geeklog Geeklog 1.5.2
Geeklog Geeklog 1.5.0
Geeklog Geeklog 1.5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »