Geeklog <=1.5.2 'SESS_updateSessionTime()' vulnerability

2009-04-10T00:00:00
ID SECURITYVULNS:DOC:21606
Type securityvulns
Reporter Securityvulns
Modified 2009-04-10T00:00:00

Description

As the vendor stated, see: http://www.geeklog.net/article.php/geeklog-1.5.2sr2

geeklog is also vulnerable to this: http://www.securityfocus.com/bid/34361/info

actually this should be renamed in

glFusion 'SESS_updateSessionTime()' SQL Injection Vulnerability