Geeklog 1.3.x - XSS

2003-09-29T00:00:00
ID EDB-ID:23194
Type exploitdb
Reporter Lorenzo Hernandez Garcia-Hierro
Modified 2003-09-29T00:00:00

Description

Geeklog 1.3.x XSS. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/8718/info
 
Geeklog is prone to multiple vulnerabilities, including cross-site scripting and SQL injection issues. Exploitation of these issues could permit unauthorized access to user accounts and sensitive information.
 
Some of these issues may be related to previously documented vulnerabilities in Geeklog. 


http://www.example.com/faqman/index.php?op=view&t=518">[XSS ATTACK CODE]

http://www.example.com/filemgmt/brokenfile.php?lid=17'/%22%3[XSS ATTACK CODE]