23 matches found
EUVD-2013-1506
Malware in sbrugna...
EUVD-2002-1896
Malware in sbrugna...
EUVD-2006-1073
Malware in sbrugna...
EUVD-2005-4021
Malware in sbrugna...
EUVD-2011-5059
Malware in sbrugna...
EUVD-2023-41661
Malicious code in bioql PyPI...
CVE-2002-1917
CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header...
CVE-2005-4725
Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic by guessing the story ID...
Geeklog 2.1.0b1 Database Disclosure
==================================================================================================================================== | Title : Geeklog v2.1.0b1 database disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3...
CVE-2023-37787
Multiple cross-site scripting XSS vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php...
PT-2023-26107 · Geeklog · Geeklog
Name of the Vulnerable Software and Affected Versions: Geeklog version 2.2.2 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of "/admin/router.php" API endpoint. This enables the execution of...
geeklog 2.1.0b1 Local File Include Vulnerability
Exploit for php platform in category web applications ----------exploit Debut Local File Include Vulnerability ----------Author Info Name : JIKO ----------Script Info Site : https://www.geeklog.net/ Download : https://www.geeklog.net/filemgmt/uploaddir/geeklog-2.1.0b1.tar.gz Name : geeklog-2.1.0b...
Geeklog 1.5.2 - SEC_authenticate() SQL Injection
Geeklog 1.5.2 - SECauthenticate SQL Injection = 5.0 google dorks: "By Geeklog" "Created this page in" +seconds +powered "By Geeklog" "Created this page in" +seconds +powered inurl:publichtml vulnerability, see /publichtml/webservices/atom/index.php near lines 34-53: ... requireonce...
Geeklog 1.3.7 - 'users.php?uid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/6602/info Geeklog is prone to a cross-site scripting vulnerability in the 'users.php' script. This issue is due to insufficient sanitization of input submitted in URI parameters. As a result, an attacker may create a malicious link to a site hosting...
Geeklog 1.3.7 - profiles.php Multiple Cross-Site Scripting Vulnerabilities
Geeklog 1.3.7 - profiles.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/6601/info The Geeklog 'profiles.php' script is prone to multiple cross-site scripting vulnerabilities. This issue is due to insufficient sanitization of input submitted in URI...
Geeklog 1.3.7 - users.php?uid Cross-Site Scripting
Geeklog 1.3.7 - users.php?uid Cross-Site Scripting source: https://www.securityfocus.com/bid/6602/info Geeklog is prone to a cross-site scripting vulnerability in the 'users.php' script. This issue is due to insufficient sanitization of input submitted in URI parameters. As a result, an attacker...
Geeklog 1.3.5 - HTML Attribute Cross-Site Scripting
Geeklog 1.3.5 - HTML Attribute Cross-Site Scripting source: https://www.securityfocus.com/bid/5270/info A cross site scripting vulnerability has been reported for Geeklog. Reportedly, Geeklog does not properly sanitize user supplied input before being included when posting comments or writing...
Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/4969/info Geeklog does not filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the...
Geeklog 1.3.5 - Calendar Event Form Script Injection
source: https://www.securityfocus.com/bid/4974/info Geeklog does not sufficiently sanitize script code from form fields, making it prone to script injection attacks. Attacker-supplied script code may potentially end up in webpages generated by Geeklog and will execute in the browser of a user who...
Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/4969/info Geeklog does not filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the 'index.php' or 'comment.php' script. Such a malicious link might b...