Geeklog: >> Geeklog >> 1.3.11 Security Vulnerabilities
Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic by guessing the story ID.
CVSS Score
7.5
EPSS Score
0.003
Published
2005-12-31
search.php in Geeklog 1.4.x before 1.4.0rc1, and 1.3.x before 1.3.11sr3, allows remote attackers to obtain sensitive information via invalid (1) datestart and (2) dateend parameters, which leaks the web server path in an error message.
CVSS Score
5.0
EPSS Score
0.004
Published
2005-12-05
Page 2