362 matches found
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
Cross site scripting
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
Cross site scripting
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
Geeklog 跨站脚本漏洞
Geeklog is free and open source blogging software. A cross-site scripting vulnerability exists in the Geeklog grpdesc parameter due to an incorrect validation of user-supplied input by the publichtml/admin/group.php script. An attacker could use the vulnerability to steal the victim's cookie-base...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
PT-2023-29815 · Unknown · Geeklog-Core
Name of the Vulnerable Software and Affected Versions: Geeklog-Core geeklog version 2.2.2 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via a crafted payload to the grp desc parameter of the "admin/group.php" component. This enables the attacker ...
Geeklog 跨站脚本漏洞
Geeklog is Geeklog open source an open source software . Can be used as Weblog, CMS or Web Portal. Geeklog v2.2.2 version of the cross-site scripting vulnerability , the vulnerability stems from the application of the user-supplied data lack of effective filtering and escaping , a remote attacker...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46059
CVE-2023-46059: A Cross-Site Scripting (XSS) flaw in Geeklog-Core Geeklog v2.2.2 affects the admin/trackback.php component, specifically via the Ping parameter, enabling a remote attacker to execute arbitrary code through a crafted payload. The vulnerability is described across multiple sources a...
CVE-2023-46058
CVE-2023-46058 describes a Cross-Site Scripting (XSS) vulnerability in Geeklog-Core (geeklog v2.2.2). The issue resides in the public_html/admin/group.php component, where unsanitized input to the grp_desc parameter can be crafted to execute arbitrary code in the context of an affected site. Docu...
Geeklog 2.1.0b1 SQL Injection
==================================================================================================================================== | Title : Geeklog v2.1.0b1 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | ...
Geeklog 2.1.0b1 Database Disclosure
==================================================================================================================================== | Title : Geeklog v2.1.0b1 database disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3...
Geeklog router.php cross-site scripting vulnerability
Geeklog is free and open source blogging software. A cross-site scripting vulnerability exists in Geeklog router.php due to an incorrect validation of user-supplied input by the publichtml/admin/router.php script. An attacker could exploit the vulnerability to steal the victim's cookie-based...
Geeklog Cross-Site Scripting Vulnerability
Geeklog is open source software that can be used as a Weblog, CMS or Web Portal. Geeklog suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary w...
CVE-2023-37787
Multiple cross-site scripting XSS vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php...