Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
geeklog vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0097
Geeklog 1.3 allows remote malicious users to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.
Geeklog Geeklog 1.3
7.5
CVSSv2
CVE-2007-0810
PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the glConf[path_libraries] parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerabi...
Geeklog Geeklog 2
1 EDB exploit
NA
CVE-2023-37786
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Mail Settings[backend], Mail Settings[host], Mail Settings[port] and Mail Settings[auth] parameters of the ...
Geeklog Geeklog 2.2.2
NA
CVE-2023-37787
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php.
Geeklog Geeklog 2.2.2
4.3
CVSSv2
CVE-2003-1347
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
Geeklog Geeklog 1.3.7
4 EDB exploits
4.3
CVSSv2
CVE-2011-4647
Multiple cross-site scripting (XSS) vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) code or (2) raw BBcode tags.
Geeklog Geeklog 1.8.0
7.5
CVSSv2
CVE-2010-4933
SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Geeklog Geeklog 1.3.8
1 EDB exploit
NA
CVE-2023-46058
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the grp_desc parameter of the admin/group.php component.
Geeklog Geeklog 2.2.2
NA
CVE-2023-46059
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote malicious user to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component.
Geeklog Geeklog 2.2.2
4.3
CVSSv2
CVE-2009-3021
Cross-site scripting (XSS) vulnerability in Site Calendar 'mycaljp' plugin 2.0.0 up to and including 2.0.6, as used in the Japanese extended package of Geeklog 1.5.0 up to and including 1.5.2 and when distributed 20090629 or earlier, allows remote malicious users to inj...
Yoshinori Tahara Mycaljp 2.0.1
Yoshinori Tahara Mycaljp 2.0.2
Yoshinori Tahara Mycaljp 2.0.3
Yoshinori Tahara Mycaljp 2.0.4
Yoshinori Tahara Mycaljp 2.0.0
Yoshinori Tahara Mycaljp 2.0.5
Yoshinori Tahara Mycaljp 2.0.6
Geeklog Geeklog 1.5.2
Geeklog Geeklog 1.5.0
Geeklog Geeklog 1.5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »