Vulnerabilities > CVE-2005-4725 - Security Bypass vulnerability in Geeklog (Extended Japanese Package)

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

geeklog

NVD

Published: 2005-12-31

Updated: 2008-09-05

Summary

Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic by guessing the story ID.

Vulnerable Configurations

Part	Description	Count
Application	Geeklog Geeklog Geeklog 1.3.8_1_Sr3 Geeklog Geeklog 1.3.8_1_Sr4 Geeklog Geeklog 1.3.9 Geeklog Geeklog 1.3.9_Rc1 Geeklog Geeklog 1.3.9_Rc2 Geeklog Geeklog 1.3.9_Rc3 Geeklog Geeklog 1.3.9_Sr1 Geeklog Geeklog 1.3.9_Sr2 Geeklog Geeklog 1.3.10 Geeklog Geeklog 1.3.10_Rc1 Geeklog Geeklog 1.3.10_Rc2 Geeklog Geeklog 1.3.10_Rc3 Geeklog Geeklog 1.3.11 Geeklog Geeklog 1.3.11_Rc1 Geeklog Geeklog 1.3.11_Sr1 Geeklog Geeklog 1.3.11_Sr2	16

Summary

Vulnerable Configurations

References