Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
geeklog geeklog vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4647
Multiple cross-site scripting (XSS) vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) code or (2) raw BBcode tags.
Geeklog Geeklog 1.8.0
NA
CVE-2003-1347
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
Geeklog Geeklog 1.3.7
4 EDB exploits
NA
CVE-2010-4933
SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Geeklog Geeklog 1.3.8
1 EDB exploit
4.8
CVSSv3
CVE-2023-46058
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the grp_desc parameter of the admin/group.php component.
Geeklog Geeklog 2.2.2
4.8
CVSSv3
CVE-2023-46059
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component.
Geeklog Geeklog 2.2.2
4.8
CVSSv3
CVE-2023-37787
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php.
Geeklog Geeklog 2.2.2
4.8
CVSSv3
CVE-2023-37786
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Mail Settings[backend], Mail Settings[host], Mail Settings[port] and Mail Settings[auth] parameters of the ...
Geeklog Geeklog 2.2.2
NA
CVE-2002-0096
The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privileges that were not intend...
Geeklog Geeklog 1.3
NA
CVE-2002-0097
Geeklog 1.3 allows remote malicious users to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.
Geeklog Geeklog 1.3
NA
CVE-2009-3021
Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' plugin 2.0.0 up to and including 2.0.6, as used in the Japanese extended package of Geeklog 1.5.0 up to and including 1.5.2 and when distributed 20090629 or earlier, allows remote malicious users to inj...
Yoshinori Tahara Mycaljp 2.0.1
Yoshinori Tahara Mycaljp 2.0.2
Yoshinori Tahara Mycaljp 2.0.3
Yoshinori Tahara Mycaljp 2.0.4
Yoshinori Tahara Mycaljp 2.0.0
Yoshinori Tahara Mycaljp 2.0.5
Yoshinori Tahara Mycaljp 2.0.6
Geeklog Geeklog 1.5.2
Geeklog Geeklog 1.5.0
Geeklog Geeklog 1.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »