CGI abuses : Geeklog < 1.4.0sr3 Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56873

Categoría: CGI abuses

Título: Geeklog < 1.4.0sr3 Multiple Vulnerabilities

Resumen: NOSUMMARY

Descripción: Description:

The installed version of Geeklog, according to the version
number, is vulnerable to multiple vulnerabilities, including
a SQL injection attack, cross site scripting attack, and
information disclosure vulnerability.

Versions prior to 1.4.0sr3 are vulnerable.

Solution : Upgrade to 1.4.0sr3 or later.

Risk factor : High

CVSS Score:
7.8

Referencia Cruzada: BugTraq ID: 18154
Common Vulnerability Exposure (CVE) ID: CVE-2006-2698
http://www.securityfocus.com/bid/18154
Bugtraq: 20060529 [KAPDA::#45] - geeklog multiple vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/435295/100/0/threaded
http://kapda.ir/advisory-336.html
http://secunia.com/advisories/20316
http://securityreason.com/securityalert/993
http://www.vupen.com/english/advisories/2006/2050
XForce ISS Database: geeklog-multiple-path-disclosure(26864)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26864
Common Vulnerability Exposure (CVE) ID: CVE-2006-2699
XForce ISS Database: geeklog-getimage-xss(26862)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26862
Common Vulnerability Exposure (CVE) ID: CVE-2006-2700
XForce ISS Database: geeklog-auth-libsecurity-sql-injection(26863)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26863

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56873
Categoría:	CGI abuses
Título:	Geeklog < 1.4.0sr3 Multiple Vulnerabilities
Resumen:	NOSUMMARY
Descripción:	Description: The installed version of Geeklog, according to the version number, is vulnerable to multiple vulnerabilities, including a SQL injection attack, cross site scripting attack, and information disclosure vulnerability. Versions prior to 1.4.0sr3 are vulnerable. Solution : Upgrade to 1.4.0sr3 or later. Risk factor : High CVSS Score: 7.8
Referencia Cruzada:	BugTraq ID: 18154 Common Vulnerability Exposure (CVE) ID: CVE-2006-2698 http://www.securityfocus.com/bid/18154 Bugtraq: 20060529 [KAPDA::#45] - geeklog multiple vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/435295/100/0/threaded http://kapda.ir/advisory-336.html http://secunia.com/advisories/20316 http://securityreason.com/securityalert/993 http://www.vupen.com/english/advisories/2006/2050 XForce ISS Database: geeklog-multiple-path-disclosure(26864) https://exchange.xforce.ibmcloud.com/vulnerabilities/26864 Common Vulnerability Exposure (CVE) ID: CVE-2006-2699 XForce ISS Database: geeklog-getimage-xss(26862) https://exchange.xforce.ibmcloud.com/vulnerabilities/26862 Common Vulnerability Exposure (CVE) ID: CVE-2006-2700 XForce ISS Database: geeklog-auth-libsecurity-sql-injection(26863) https://exchange.xforce.ibmcloud.com/vulnerabilities/26863
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com