Vulnerabilities > CVE-2006-2699 - Input Validation vulnerability in Geeklog

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
geeklog
exploit available
NVD
Published: 2006-05-31
Updated: 2018-10-18

Summary

Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inject arbitrary HTML or web script via the image argument in a show action. This vulnerability is addressed in the following product release: Geeklog, Geeklog, 1.4.0sr3

Vulnerable Configurations

Part Description Count
Application
Geeklog
41

Exploit-Db

descriptionGeeklog 1.4 Multiple Input Validation Vulnerabilities. CVE-2006-2699. Webapps exploit for php platform
idEDB-ID:27919
last seen2016-02-03
modified2006-05-11
published2006-05-11
reportertrueend5
sourcehttps://www.exploit-db.com/download/27919/
titleGeeklog 1.4 - Multiple Input Validation Vulnerabilities

References