Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
geeklog vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2011-4647
Multiple cross-site scripting (XSS) vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) code or (2) raw BBcode tags.
Geeklog Geeklog 1.8.0
NA
CVE-2023-37786
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Mail Settings[backend], Mail Settings[host], Mail Settings[port] and Mail Settings[auth] parameters of the ...
Geeklog Geeklog 2.2.2
NA
CVE-2023-37787
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php.
Geeklog Geeklog 2.2.2
755
VMScore
CVE-2010-4933
SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Geeklog Geeklog 1.3.8
1 EDB exploit
641
VMScore
CVE-2002-0096
The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privileges that were not intend...
Geeklog Geeklog 1.3
668
VMScore
CVE-2002-0097
Geeklog 1.3 allows remote malicious users to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.
Geeklog Geeklog 1.3
450
VMScore
CVE-2003-1347
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
Geeklog Geeklog 1.3.7
4 EDB exploits
NA
CVE-2023-46058
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the grp_desc parameter of the admin/group.php component.
Geeklog Geeklog 2.2.2
NA
CVE-2023-46059
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component.
Geeklog Geeklog 2.2.2
383
VMScore
CVE-2009-3021
Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' plugin 2.0.0 up to and including 2.0.6, as used in the Japanese extended package of Geeklog 1.5.0 up to and including 1.5.2 and when distributed 20090629 or earlier, allows remote malicious users to inj...
Yoshinori Tahara Mycaljp 2.0.1
Yoshinori Tahara Mycaljp 2.0.2
Yoshinori Tahara Mycaljp 2.0.3
Yoshinori Tahara Mycaljp 2.0.4
Yoshinori Tahara Mycaljp 2.0.0
Yoshinori Tahara Mycaljp 2.0.5
Yoshinori Tahara Mycaljp 2.0.6
Geeklog Geeklog 1.5.2
Geeklog Geeklog 1.5.0
Geeklog Geeklog 1.5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »