Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2006-0823 |
Description: | Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to inject arbitrary SQL commands via the (1) userid variable to users.php or (2) sessid variable to lib-sessions.php. |
Test IDs: | None available |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-0823 BugTraq ID: 16755 http://www.securityfocus.com/bid/16755 Bugtraq: 20060219 Geeklog Remote Code Execution (Google Search) http://www.securityfocus.com/archive/1/425506/100/0/threaded http://www.gulftech.org/?node=research&article_id=00102-02192006 http://www.osvdb.org/23348 http://secunia.com/advisories/18920 http://www.vupen.com/english/advisories/2006/0661 XForce ISS Database: geeklog-users-sessions-sql-injection(24775) https://exchange.xforce.ibmcloud.com/vulnerabilities/24775 |