Lucene search
K

362 matches found

ATTACKERKB
ATTACKERKB
added 2023/10/24 12:15 a.m.2 views

CVE-2023-46058

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...

4.8CVSS6.2AI score0.00596EPSS
Exploits1References2
OSV
OSV
added 2023/10/24 12:15 a.m.16 views

CVE-2023-46059

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...

4.8CVSS6.5AI score
Exploits0References1
NVD
NVD
added 2023/10/24 12:15 a.m.11 views

CVE-2023-46059

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...

4.8CVSS5.1AI score0.00596EPSS
Exploits1References1
NVD
NVD
added 2023/10/24 12:15 a.m.20 views

CVE-2023-46058

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...

4.8CVSS5.1AI score0.00596EPSS
Exploits1References1
OSV
OSV
added 2023/10/24 12:15 a.m.11 views

CVE-2023-46058

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...

4.8CVSS6.5AI score
Exploits0References1
Prion
Prion
added 2023/10/24 12:15 a.m.15 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...

4.3CVSS5.2AI score0.00596EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/10/24 12:15 a.m.14 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...

4.3CVSS5.2AI score0.00596EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/10/23 12:0 a.m.4 views

Geeklog 跨站脚本漏洞

Geeklog is free and open source blogging software. A cross-site scripting vulnerability exists in the Geeklog grpdesc parameter due to an incorrect validation of user-supplied input by the publichtml/admin/group.php script. An attacker could use the vulnerability to steal the victim's cookie-base...

4.8CVSS6.3AI score0.00596EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/10/23 12:0 a.m.21 views

CVE-2023-46058

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...

5.3AI score0.00596EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/10/23 12:0 a.m.9 views

PT-2023-29815 · Unknown · Geeklog-Core

Name of the Vulnerable Software and Affected Versions: Geeklog-Core geeklog version 2.2.2 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via a crafted payload to the grp desc parameter of the "admin/group.php" component. This enables the attacker ...

4.8CVSS5.3AI score0.00596EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/10/23 12:0 a.m.2 views

Geeklog 跨站脚本漏洞

Geeklog is Geeklog open source an open source software . Can be used as Weblog, CMS or Web Portal. Geeklog v2.2.2 version of the cross-site scripting vulnerability , the vulnerability stems from the application of the user-supplied data lack of effective filtering and escaping , a remote attacker...

4.8CVSS6.7AI score0.00596EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/10/23 12:0 a.m.11 views

CVE-2023-46058

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...

6.3AI score0.00596EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/23 12:0 a.m.14 views

CVE-2023-46059

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...

5.3AI score0.00596EPSS
Exploits1References1
CVE
CVE
added 2023/10/23 12:0 a.m.53 views

CVE-2023-46059

CVE-2023-46059: A Cross-Site Scripting (XSS) flaw in Geeklog-Core Geeklog v2.2.2 affects the admin/trackback.php component, specifically via the Ping parameter, enabling a remote attacker to execute arbitrary code through a crafted payload. The vulnerability is described across multiple sources a...

4.8CVSS5.1AI score0.00596EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/10/23 12:0 a.m.53 views

CVE-2023-46058

CVE-2023-46058 describes a Cross-Site Scripting (XSS) vulnerability in Geeklog-Core (geeklog v2.2.2). The issue resides in the public_html/admin/group.php component, where unsanitized input to the grp_desc parameter can be crafted to execute arbitrary code in the context of an affected site. Docu...

4.8CVSS5.1AI score0.00596EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2023/08/24 12:0 a.m.3200 views

Geeklog 2.1.0b1 SQL Injection

==================================================================================================================================== | Title : Geeklog v2.1.0b1 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/23 12:0 a.m.2780 views

Geeklog 2.1.0b1 Database Disclosure

==================================================================================================================================== | Title : Geeklog v2.1.0b1 database disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3...

7.1AI score
Exploits0
CNVD
CNVD
added 2023/07/16 12:0 a.m.13 views

Geeklog router.php cross-site scripting vulnerability

Geeklog is free and open source blogging software. A cross-site scripting vulnerability exists in Geeklog router.php due to an incorrect validation of user-supplied input by the publichtml/admin/router.php script. An attacker could exploit the vulnerability to steal the victim's cookie-based...

4.8CVSS6.2AI score0.00399EPSS
Exploits1References1
CNVD
CNVD
added 2023/07/16 12:0 a.m.18 views

Geeklog Cross-Site Scripting Vulnerability

Geeklog is open source software that can be used as a Weblog, CMS or Web Portal. Geeklog suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary w...

4.8CVSS6.6AI score0.00456EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/07/13 5:15 p.m.6 views

CVE-2023-37787

Multiple cross-site scripting XSS vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php...

4.8CVSS6AI score0.00399EPSS
Exploits1References2
Rows per page
Query Builder