CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0097

HIGH
7.5
CVSS Severity Score
EPSS Score0.1480%
EPSS Percentile21.28th
PublishedMar 25, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account.

Affected Platforms (CPE)

πŸ“¦
Geeklog

Geeklog

= 1.3

References & Advisories

πŸ”— http://geeklog.sourceforge.net/index.php?topic=Security
πŸ”— http://online.securityfocus.com/archive/1/249443
πŸ”— http://www.iss.net/security_center/static/7869.php
πŸ”— http://www.securityfocus.com/bid/3844
πŸ”— http://geeklog.sourceforge.net/index.php?topic=Security
πŸ”— http://online.securityfocus.com/archive/1/249443
πŸ”— http://www.iss.net/security_center/static/7869.php
πŸ”— http://www.securityfocus.com/bid/3844

Related Vulnerabilities

CVE-2006-106910.0

Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr...

CVE-2006-26987.8

Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invali...

CVE-2005-47257.5

Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic...

CVE-2002-09627.5

Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the u...

CVE-2002-0097 Detail & Impact Analysis | CVSS 7.5 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space