Max CVSS 7.8 Min CVSS 5.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-2698 7.8
Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invalid arguments to (1) layout/professional/functions.php or (2) getimage.php. This vulnerability is addressed in the followi
18-10-2018 - 16:41 31-05-2006 - 10:06
CVE-2006-2699 6.8
Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inject arbitrary HTML or web script via the image argument in a show action. This vulnerability is addressed in the following product
18-10-2018 - 16:41 31-05-2006 - 10:06
CVE-2006-2700 5.1
SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the loginname parameter. Successful exploitation requires that "magic_quotes_gpc
18-10-2018 - 16:41 31-05-2006 - 10:06
CVE-2006-2701 7.5
SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to story submission.
20-07-2017 - 01:31 31-05-2006 - 10:06
Back to Top Mark selected
Back to Top