Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2005-4026

search.php in Geeklog 1.4.x before 1.4.0rc1, and 1.3.x before 1.3.11sr3, allows remote attackers to obtain sensitive information via invalid (1) datestart and (2) dateend parameters, which leaks the web server path in an error message.

  • Published: Dec 5, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-4026
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
geeklog / geeklog 1.4.0-beta1 1.4.0-beta1.x
geeklog / geeklog 1.3.0 1.3.11.x
geeklog / geeklog 1.3.11-rc1 1.3.11-rc1.x
geeklog / geeklog 1.3.11-sr1 1.3.11-sr1.x
geeklog / geeklog 1.3.11-sr2 1.3.11-sr2.x