Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2006-2700

Published: May 31, 2006 | Modified: Oct 18, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2006-2700
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the loginname parameter.

Affected Software

Name Vendor Start Version End Version
Geeklog Geeklog 1.3 1.3
Geeklog Geeklog 1.3.5 1.3.5
Geeklog Geeklog 1.3.5_sr1 1.3.5_sr1
Geeklog Geeklog 1.3.6 1.3.6
Geeklog Geeklog 1.3.7 1.3.7
Geeklog Geeklog 1.3.7_sr1 1.3.7_sr1
Geeklog Geeklog 1.3.7_sr2 1.3.7_sr2
Geeklog Geeklog 1.3.7_sr3 1.3.7_sr3
Geeklog Geeklog 1.3.7_sr4 1.3.7_sr4
Geeklog Geeklog 1.3.7_sr5 1.3.7_sr5
Geeklog Geeklog 1.3.8 1.3.8
Geeklog Geeklog 1.3.8_1 1.3.8_1
Geeklog Geeklog 1.3.8_1_sr1 1.3.8_1_sr1
Geeklog Geeklog 1.3.8_1_sr2 1.3.8_1_sr2
Geeklog Geeklog 1.3.8_1_sr3 1.3.8_1_sr3
Geeklog Geeklog 1.3.8_1_sr4 1.3.8_1_sr4
Geeklog Geeklog 1.3.8_1_sr5 1.3.8_1_sr5
Geeklog Geeklog 1.3.8_1_sr6 1.3.8_1_sr6
Geeklog Geeklog 1.3.9 1.3.9
Geeklog Geeklog 1.3.9_rc1 1.3.9_rc1
Geeklog Geeklog 1.3.9_rc2 1.3.9_rc2
Geeklog Geeklog 1.3.9_rc3 1.3.9_rc3
Geeklog Geeklog 1.3.9_sr1 1.3.9_sr1
Geeklog Geeklog 1.3.9_sr2 1.3.9_sr2
Geeklog Geeklog 1.3.9_sr3 1.3.9_sr3
Geeklog Geeklog 1.3.9_sr4 1.3.9_sr4
Geeklog Geeklog 1.3.10 1.3.10
Geeklog Geeklog 1.3.10_rc1 1.3.10_rc1
Geeklog Geeklog 1.3.10_rc2 1.3.10_rc2
Geeklog Geeklog 1.3.10_rc3 1.3.10_rc3
Geeklog Geeklog 1.3.11 1.3.11
Geeklog Geeklog 1.3.11_rc1 1.3.11_rc1
Geeklog Geeklog 1.3.11_sr1 1.3.11_sr1
Geeklog Geeklog 1.3.11_sr2 1.3.11_sr2
Geeklog Geeklog 1.3.11_sr3 1.3.11_sr3
Geeklog Geeklog 1.3.11_sr4 1.3.11_sr4
Geeklog Geeklog 1.4.0 1.4.0
Geeklog Geeklog 1.4.0_beta1 1.4.0_beta1
Geeklog Geeklog 1.4.0_sr1 1.4.0_sr1
Geeklog Geeklog * 1.4.0_sr2
Geeklog Geeklog 1.35 1.35

References

Aqua SaaS Plans
The fastest track to get started with Aqua
Start Now
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2022 Aqua Security Software Ltd.   Privacy Policy | Terms of Use