4 matches found
CVE-2013-1470
CVE-2013-1470 affects Geeklog’s Calendar plugin (calendar/index.php) with XSS via the calendar_type parameter submitted to submit.php. Affected: Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2. Root cause: insufficient input sanitization of the calendar_type field leading to injection of arbitr...
Cross-Site Scripting (XSS) in Geeklog
Advisory ID: HTB23143 Product: Geeklog Vendor: http://www.geeklog.net Vulnerable Versions: 1.8.2 and probably prior Tested Version: 1.8.2 Vendor Notification: February 6, 2013 Vendor Patch: February 20, 2013 Public Disclosure: February 27, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...
Geeklog 1.8.2 Cross Site Scripting Vulnerability
Geeklog version 1.8.2 suffers from a cross site scripting vulnerability. Product: Geeklog Vendor: http://www.geeklog.net Vulnerable Versions: 1.8.2 and probably prior Tested Version: 1.8.2 Vendor Notification: February 6, 2013 Vendor Patch: February 20, 2013 Public Disclosure: February 27, 2013...
Geeklog 1.8.2 Cross Site Scripting
Advisory ID: HTB23143 Product: Geeklog Vendor: http://www.geeklog.net Vulnerable Versions: 1.8.2 and probably prior Tested Version: 1.8.2 Vendor Notification: February 6, 2013 Vendor Patch: February 20, 2013 Public Disclosure: February 27, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...