CyberSec.Space Logo
Back to CVE Browser

CVE-2005-4725

HIGH
7.5
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile22.65th
PublishedDec 31, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic by guessing the story ID.

Affected Platforms (CPE)

πŸ“¦
Geeklog

Geeklog

= 1.3.8_1_sr3
πŸ“¦
Geeklog

Geeklog

= 1.3.8_1_sr4
πŸ“¦
Geeklog

Geeklog

= 1.3.9
πŸ“¦
Geeklog

Geeklog

= 1.3.9_rc1
πŸ“¦
Geeklog

Geeklog

= 1.3.9_rc2
πŸ“¦
Geeklog

Geeklog

= 1.3.9_rc3
πŸ“¦
Geeklog

Geeklog

= 1.3.9_sr1
πŸ“¦
Geeklog

Geeklog

= 1.3.9_sr2
πŸ“¦
Geeklog

Geeklog

= 1.3.10
πŸ“¦
Geeklog

Geeklog

= 1.3.10_rc1
πŸ“¦
Geeklog

Geeklog

= 1.3.10_rc2
πŸ“¦
Geeklog

Geeklog

= 1.3.10_rc3
πŸ“¦
Geeklog

Geeklog

= 1.3.11
πŸ“¦
Geeklog

Geeklog

= 1.3.11_rc1
πŸ“¦
Geeklog

Geeklog

= 1.3.11_sr1
πŸ“¦
Geeklog

Geeklog

= 1.3.11_sr2

References & Advisories

πŸ”— http://www.geeklog.net/article.php/geeklog-1.3.11sr3
πŸ”— http://www.geeklog.net/forum/viewtopic.php?showtopic=61457
πŸ”— http://www.geeklog.net/article.php/geeklog-1.3.11sr3
πŸ”— http://www.geeklog.net/forum/viewtopic.php?showtopic=61457

Related Vulnerabilities

CVE-2006-106910.0

Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr...

CVE-2006-26987.8

Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invali...

CVE-2002-09627.5

Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the u...

CVE-2002-00977.5

Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's...