CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-2152

HIGH
7.5
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile44.71th
Published2005年7月6日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in Geeklog before 1.3.11 allows remote attackers to execute arbitrary SQL commands via user comments for an article.

Affected Platforms (CPE)

📦
Geeklog

Geeklog

= 1.3.6
📦
Geeklog

Geeklog

= 1.3.7
📦
Geeklog

Geeklog

= 1.3.7_sr1
📦
Geeklog

Geeklog

= 1.3.7_sr2
📦
Geeklog

Geeklog

= 1.3.7_sr3
📦
Geeklog

Geeklog

= 1.3.7_sr4
📦
Geeklog

Geeklog

= 1.3.7_sr5
📦
Geeklog

Geeklog

= 1.3.8
📦
Geeklog

Geeklog

= 1.3.8_1
📦
Geeklog

Geeklog

= 1.3.8_1_sr1
📦
Geeklog

Geeklog

= 1.3.8_1_sr2
📦
Geeklog

Geeklog

= 1.3.8_1_sr3
📦
Geeklog

Geeklog

= 1.3.8_1_sr4
📦
Geeklog

Geeklog

= 1.3.8_1_sr5
📦
Geeklog

Geeklog

= 1.3.8_1_sr6
📦
Geeklog

Geeklog

= 1.3.9_sr1
📦
Geeklog

Geeklog

= 1.3.9_sr2
📦
Geeklog

Geeklog

= 1.3.9_sr3
📦
Geeklog

Geeklog

= 1.3.10

References & Advisories

🔗 http://secunia.com/advisories/15914
🔗 http://securitytracker.com/id?1014381
🔗 http://www.geeklog.net/article.php/geeklog-1.3.11sr1
🔗 http://www.hardened-php.net/advisory-062005.php
🔗 http://secunia.com/advisories/15914
🔗 http://securitytracker.com/id?1014381
🔗 http://www.geeklog.net/article.php/geeklog-1.3.11sr1
🔗 http://www.hardened-php.net/advisory-062005.php

相關漏洞威脅

CVE-2006-106910.0

Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr...

CVE-2006-26987.8

Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invali...

CVE-2002-09627.5

Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the u...

CVE-2002-00977.5

Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's...