CVE-2006-0823
Geeklog is affected in versions up to 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 due to SQL injection flaws in the handling of GPC data (notably via the userid cookie in users.php and sessid in lib-sessions.php). The vulnerabilities allow remote attackers to inject arbitrary SQL commands. ...