4 matches found
EUVD-2002-0952
Malware in sbrugna...
Geeklog 1.3.5 HTML Attribute Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5270/info A cross site scripting vulnerability has been reported for Geeklog. Reportedly, Geeklog does not properly sanitize user supplied input before being included when posting comments or writing stories. Geeklog make...
CVE-2002-0962
Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via 1 the url variable in the Link field of a calendar event, 2 the topic parameter in index.php, or 3 the title parameter in comment.php...
CVE-2002-0963
SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earlier allows remote attackers to obtain sensitive user information via the pid parameter...