Back to search
CVE-2006-3756
Published: Jul 20, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in Geeklog 1.4.0sr4 and earlier, and 1.3.11sr6 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when validating comments in (1) lib-comment.php (1.4.0sr4) or (2) comment.php (0.3.11sr6).
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2006-2865
vdb-entry
x_refsource_VUPEN
http://www.geeklog.net/article.php/geeklog-1.4.0sr5
x_refsource_CONFIRM
21094
third-party-advisory
x_refsource_SECUNIA
JVN#81108784
third-party-advisory
x_refsource_JVN
geeklog-comment-xss(27813)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now