Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
geeklog geeklog vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2010-4933
SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Geeklog Geeklog 1.3.8
1 EDB exploit
383
VMScore
CVE-2011-4647
Multiple cross-site scripting (XSS) vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) code or (2) raw BBcode tags.
Geeklog Geeklog 1.8.0
755
VMScore
CVE-2007-0810
PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the glConf[path_libraries] parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerabi...
Geeklog Geeklog 2
1 EDB exploit
NA
CVE-2023-37786
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Mail Settings[backend], Mail Settings[host], Mail Settings[port] and Mail Settings[auth] parameters of the ...
Geeklog Geeklog 2.2.2
NA
CVE-2023-37787
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php.
Geeklog Geeklog 2.2.2
450
VMScore
CVE-2003-1347
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
Geeklog Geeklog 1.3.7
4 EDB exploits
NA
CVE-2023-46058
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the grp_desc parameter of the admin/group.php component.
Geeklog Geeklog 2.2.2
NA
CVE-2023-46059
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component.
Geeklog Geeklog 2.2.2
668
VMScore
CVE-2002-0097
Geeklog 1.3 allows remote malicious users to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.
Geeklog Geeklog 1.3
383
VMScore
CVE-2009-3021
Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' plugin 2.0.0 up to and including 2.0.6, as used in the Japanese extended package of Geeklog 1.5.0 up to and including 1.5.2 and when distributed 20090629 or earlier, allows remote malicious users to inj...
Yoshinori Tahara Mycaljp 2.0.1
Yoshinori Tahara Mycaljp 2.0.2
Yoshinori Tahara Mycaljp 2.0.3
Yoshinori Tahara Mycaljp 2.0.4
Yoshinori Tahara Mycaljp 2.0.0
Yoshinori Tahara Mycaljp 2.0.5
Yoshinori Tahara Mycaljp 2.0.6
Geeklog Geeklog 1.5.2
Geeklog Geeklog 1.5.0
Geeklog Geeklog 1.5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »