Vulnerabilities > Geeklog > Geeklog > 1.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-09 | CVE-2011-5159 | Cross-Site Scripting vulnerability in Geeklog Cross-site scripting (XSS) vulnerability in admin/configuration.php in Geeklog before 1.7.1sr1 allows remote attackers to inject arbitrary web script or HTML via the sub_group parameter, a different vulnerability than CVE-2011-4942. | 4.3 |
| 2012-09-09 | CVE-2011-4942 | Cross-Site Scripting vulnerability in Geeklog Multiple cross-site scripting (XSS) vulnerabilities in admin/configuration.php in Geeklog before 1.7.1sr1 allow remote attackers to inject arbitrary web script or HTML via the (1) subgroup or (2) conf_group parameters. | 4.3 |