admin
07-06-2005, 01:37 AM
Geeklog
http://www.geeklog.net
07-05-2005
http://secunia.com/advisories/15914/
http://www.geeklog.net/article.php/geeklog-1.3.11sr1
Description:
Stefan Esser has reported a vulnerability in Geeklog, which can be exploited by malicious people to conduct SQL injection attacks.
Some unspecified input isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary code.
The vulnerability has been reported in version 1.3.11 and prior.
Solution:
Update to version 1.3.11sr1.
http://www.geeklog.net/filemgmt/viewcat.php?cid=8
Provided and/or discovered by:
Stefan Esser, Hardened-PHP Project
Original Advisory:
http://www.hardened-php.net/advisory-062005.php
http://www.geeklog.net
07-05-2005
http://secunia.com/advisories/15914/
http://www.geeklog.net/article.php/geeklog-1.3.11sr1
Description:
Stefan Esser has reported a vulnerability in Geeklog, which can be exploited by malicious people to conduct SQL injection attacks.
Some unspecified input isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary code.
The vulnerability has been reported in version 1.3.11 and prior.
Solution:
Update to version 1.3.11sr1.
http://www.geeklog.net/filemgmt/viewcat.php?cid=8
Provided and/or discovered by:
Stefan Esser, Hardened-PHP Project
Original Advisory:
http://www.hardened-php.net/advisory-062005.php