4 matches found
Geeklog 1.4 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18154/info Geeklog is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitiz...
CVE-2006-6225
Multiple PHP remote file inclusion vulnerabilities in GeekLog 1.4 allow remote attackers to execute arbitrary code via a URL in the CONFpath parameter to 1 links/functions.inc, 2 polls/functions.inc, 3 spamx/BlackList.Examine.class.php, 4 spamx/DeleteComment.Action.class.php, 5...
CVE-2006-6225
Multiple PHP remote file inclusion vulnerabilities in GeekLog 1.4 allow remote attackers to execute arbitrary code via a URL in the CONFpath parameter to 1 links/functions.inc, 2 polls/functions.inc, 3 spamx/BlackList.Examine.class.php, 4 spamx/DeleteComment.Action.class.php, 5...
Design/Logic Flaw
Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors...