Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51847
Category:CGI abuses : XSS
Title:Geeklog 1.3.5 XSS and script injection attacks
Summary:NOSUMMARY
Description:Description:

The installed version of Geeklog, according to the version
number, is vulnerable to several script injection attacks
that allow attackers to run JavaScript code in the context
of the browser used to visit the vulnerable site.

Versions up to and including 1.3.5 are known to be vulnerable.

Solution : Upgrade to 1.3.5sr1 or later.
Risk factor : High

CVSS Score:
7.5

Cross-Ref: BugTraq ID: 4969
BugTraq ID: 4974
Common Vulnerability Exposure (CVE) ID: CVE-2002-0962
http://www.securityfocus.com/bid/4969
http://www.securityfocus.com/bid/4974
Bugtraq: 20020610 [ARL02-A13] Multiple Security Issues in GeekLog (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2002-06/0058.html
http://www.iss.net/security_center/static/9309.php
http://www.iss.net/security_center/static/9310.php
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.