Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2006-2699

Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inject arbitrary HTML or web script via the image argument in a show action.

  • Published: May 31, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-2699
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
geeklog / geeklog 1.3.5 1.3.5.x
geeklog / geeklog 1.3.10_rc3 1.3.10_rc3.x
geeklog / geeklog 1.4.0_sr1 1.4.0_sr1.x
geeklog / geeklog 1.3.8 1.3.8.x
geeklog / geeklog 1.3.9_sr2 1.3.9_sr2.x
geeklog / geeklog 1.3.10_rc2 1.3.10_rc2.x
geeklog / geeklog 1.3.6 1.3.6.x
geeklog / geeklog 1.4.0_beta1 1.4.0_beta1.x
geeklog / geeklog 1.3.9_sr4 1.3.9_sr4.x
geeklog / geeklog 1.3.11_sr3 1.3.11_sr3.x
geeklog / geeklog 1.3.9_rc3 1.3.9_rc3.x
geeklog / geeklog 1.3.7_sr2 1.3.7_sr2.x
geeklog / geeklog 1.3.11_sr2 1.3.11_sr2.x
geeklog / geeklog 1.3.7_sr5 1.3.7_sr5.x
geeklog / geeklog 1.3.8_1_sr5 1.3.8_1_sr5.x
geeklog / geeklog 1.3.7 1.3.7.x
geeklog / geeklog 1.35 1.35.x
geeklog / geeklog 1.3.9_rc1 1.3.9_rc1.x
geeklog / geeklog 1.3.10 1.3.10.x
geeklog / geeklog 1.3.8_1_sr2 1.3.8_1_sr2.x
geeklog / geeklog 1.3.8_1_sr6 1.3.8_1_sr6.x
geeklog / geeklog 1.3.8_1_sr1 1.3.8_1_sr1.x
geeklog / geeklog 1.4.0_sr2 1.4.0_sr2.x
geeklog / geeklog 1.3.8_1_sr3 1.3.8_1_sr3.x
geeklog / geeklog 1.3.11_rc1 1.3.11_rc1.x
geeklog / geeklog 1.3 1.3.x
geeklog / geeklog 1.3.7_sr3 1.3.7_sr3.x
geeklog / geeklog 1.3.8_1_sr4 1.3.8_1_sr4.x
geeklog / geeklog 1.4.0 1.4.0.x
geeklog / geeklog 1.3.9_sr1 1.3.9_sr1.x
geeklog / geeklog 1.3.11_sr1 1.3.11_sr1.x
geeklog / geeklog 1.3.9 1.3.9.x
geeklog / geeklog 1.3.7_sr1 1.3.7_sr1.x
geeklog / geeklog 1.3.5_sr1 1.3.5_sr1.x
geeklog / geeklog 1.3.9_rc2 1.3.9_rc2.x
geeklog / geeklog 1.3.9_sr3 1.3.9_sr3.x
geeklog / geeklog 1.3.11_sr4 1.3.11_sr4.x
geeklog / geeklog 1.3.11 1.3.11.x
geeklog / geeklog 1.3.8_1 1.3.8_1.x
geeklog / geeklog 1.3.10_rc1 1.3.10_rc1.x
geeklog / geeklog 1.3.7_sr4 1.3.7_sr4.x