search.php in Geeklog 1.4.x prior to 1.4.0rc1, and 1.3.x prior to 1.3.11sr3, allows remote malicious users to obtain sensitive information via invalid (1) datestart and (2) dateend parameters, which leaks the web server path in an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
geeklog geeklog 1.3.11 |
||
geeklog geeklog 1.4.0 |
||
geeklog geeklog |