CyberSec.Space Logo
Back to CVE Browser

CVE-2006-1069

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0820%
EPSS Percentile23.81th
PublishedMar 7, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors.

Affected Platforms (CPE)

πŸ“¦
Geeklog

Geeklog

= 1.3.9
πŸ“¦
Geeklog

Geeklog

= 1.3.9_sr1
πŸ“¦
Geeklog

Geeklog

= 1.3.9_sr2
πŸ“¦
Geeklog

Geeklog

= 1.3.9_sr3
πŸ“¦
Geeklog

Geeklog

= 1.3.9_sr4
πŸ“¦
Geeklog

Geeklog

= 1.3.11
πŸ“¦
Geeklog

Geeklog

= 1.3.11_sr1
πŸ“¦
Geeklog

Geeklog

= 1.3.11_sr2
πŸ“¦
Geeklog

Geeklog

= 1.3.11_sr3
πŸ“¦
Geeklog

Geeklog

= 1.3.11_sr4
πŸ“¦
Geeklog

Geeklog

= 1.4.0
πŸ“¦
Geeklog

Geeklog

= 1.4.0_sr1

References & Advisories

πŸ”— http://www.geeklog.net/article.php/geeklog-1.4.0sr2
πŸ”— http://www.securityfocus.com/bid/17010
πŸ”— http://www.vupen.com/english/advisories/2006/0851
πŸ”— http://www.geeklog.net/article.php/geeklog-1.4.0sr2
πŸ”— http://www.securityfocus.com/bid/17010
πŸ”— http://www.vupen.com/english/advisories/2006/0851

Related Vulnerabilities

CVE-2006-26987.8

Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invali...

CVE-2002-09627.5

Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the u...

CVE-2002-00977.5

Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's...

CVE-2005-21527.5

SQL injection vulnerability in Geeklog before 1.3.11 allows remote attackers to execute arbitrary SQL commands via user comments f...