Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inject arbitrary HTML or web script via the image argument in a show action.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Geeklog | Geeklog | 1.3 (including) | 1.3 (including) |
Geeklog | Geeklog | 1.3.5 (including) | 1.3.5 (including) |
Geeklog | Geeklog | 1.3.5_sr1 (including) | 1.3.5_sr1 (including) |
Geeklog | Geeklog | 1.3.6 (including) | 1.3.6 (including) |
Geeklog | Geeklog | 1.3.7 (including) | 1.3.7 (including) |
Geeklog | Geeklog | 1.3.7_sr1 (including) | 1.3.7_sr1 (including) |
Geeklog | Geeklog | 1.3.7_sr2 (including) | 1.3.7_sr2 (including) |
Geeklog | Geeklog | 1.3.7_sr3 (including) | 1.3.7_sr3 (including) |
Geeklog | Geeklog | 1.3.7_sr4 (including) | 1.3.7_sr4 (including) |
Geeklog | Geeklog | 1.3.7_sr5 (including) | 1.3.7_sr5 (including) |
Geeklog | Geeklog | 1.3.8 (including) | 1.3.8 (including) |
Geeklog | Geeklog | 1.3.8_1 (including) | 1.3.8_1 (including) |
Geeklog | Geeklog | 1.3.8_1_sr1 (including) | 1.3.8_1_sr1 (including) |
Geeklog | Geeklog | 1.3.8_1_sr2 (including) | 1.3.8_1_sr2 (including) |
Geeklog | Geeklog | 1.3.8_1_sr3 (including) | 1.3.8_1_sr3 (including) |
Geeklog | Geeklog | 1.3.8_1_sr4 (including) | 1.3.8_1_sr4 (including) |
Geeklog | Geeklog | 1.3.8_1_sr5 (including) | 1.3.8_1_sr5 (including) |
Geeklog | Geeklog | 1.3.8_1_sr6 (including) | 1.3.8_1_sr6 (including) |
Geeklog | Geeklog | 1.3.9 (including) | 1.3.9 (including) |
Geeklog | Geeklog | 1.3.9_rc1 (including) | 1.3.9_rc1 (including) |
Geeklog | Geeklog | 1.3.9_rc2 (including) | 1.3.9_rc2 (including) |
Geeklog | Geeklog | 1.3.9_rc3 (including) | 1.3.9_rc3 (including) |
Geeklog | Geeklog | 1.3.9_sr1 (including) | 1.3.9_sr1 (including) |
Geeklog | Geeklog | 1.3.9_sr2 (including) | 1.3.9_sr2 (including) |
Geeklog | Geeklog | 1.3.9_sr3 (including) | 1.3.9_sr3 (including) |
Geeklog | Geeklog | 1.3.9_sr4 (including) | 1.3.9_sr4 (including) |
Geeklog | Geeklog | 1.3.10 (including) | 1.3.10 (including) |
Geeklog | Geeklog | 1.3.10_rc1 (including) | 1.3.10_rc1 (including) |
Geeklog | Geeklog | 1.3.10_rc2 (including) | 1.3.10_rc2 (including) |
Geeklog | Geeklog | 1.3.10_rc3 (including) | 1.3.10_rc3 (including) |
Geeklog | Geeklog | 1.3.11 (including) | 1.3.11 (including) |
Geeklog | Geeklog | 1.3.11_rc1 (including) | 1.3.11_rc1 (including) |
Geeklog | Geeklog | 1.3.11_sr1 (including) | 1.3.11_sr1 (including) |
Geeklog | Geeklog | 1.3.11_sr2 (including) | 1.3.11_sr2 (including) |
Geeklog | Geeklog | 1.3.11_sr3 (including) | 1.3.11_sr3 (including) |
Geeklog | Geeklog | 1.3.11_sr4 (including) | 1.3.11_sr4 (including) |
Geeklog | Geeklog | 1.4.0 (including) | 1.4.0 (including) |
Geeklog | Geeklog | 1.4.0_beta1 (including) | 1.4.0_beta1 (including) |
Geeklog | Geeklog | 1.4.0_sr1 (including) | 1.4.0_sr1 (including) |
Geeklog | Geeklog | 1.4.0_sr2 (including) | 1.4.0_sr2 (including) |
Geeklog | Geeklog | 1.35 (including) | 1.35 (including) |