CVE-2002-0962
published 2002-10-04CVE-2002-0962: Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the url variable in the Link field…
PriorityP430high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
8.60%
94.4th percentile
Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the url variable in the Link field of a calendar event, (2) the topic parameter in index.php, or (3) the title parameter in comment.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| geeklog | geeklog | <= 1.3.5 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Geeklog 1.3.5 - Calendar Event Form Script Injection
exploitdb·2002-06-10
CVE-2002-0962 Geeklog 1.3.5 - Calendar Event Form Script Injection
Geeklog 1.3.5 - Calendar Event Form Script Injection
---
source: https://www.securityfocus.com/bid/4974/info
Geeklog does not sufficiently sanitize script code from form fields, making it prone to script injection attacks.
Attacker-supplied script code may potentially end up in webpages generated by Geeklog and will execute in the browser of a user who views such pages, in the security context of the website.
Link input($url) : Alper
Exploit-DB
Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2002-06-10
CVE-2002-0962 Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
---
source: https://www.securityfocus.com/bid/4969/info
Geeklog does not filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the 'index.php' or 'comment.php' script. Such a malicious link might be included in a HTML e-mail or on a malicious webpage.
This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of a host running Geeklog.
This issue has been reported to exist in Geeklog 1.3.5, earlier versions may also be susceptible to this issue.
/index.php?topic= alert(document.cookie)
/comment.php?mode=display&sid=foo&pid=18&title= alert(document.cookie) &type=article
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-06/0058.htmlhttp://geeklog.sourceforge.net/article.php?story=20020610013358149http://www.iss.net/security_center/static/9309.phphttp://www.iss.net/security_center/static/9310.phphttp://www.securityfocus.com/bid/4969http://www.securityfocus.com/bid/4974http://archives.neohapsis.com/archives/bugtraq/2002-06/0058.htmlhttp://geeklog.sourceforge.net/article.php?story=20020610013358149http://www.iss.net/security_center/static/9309.phphttp://www.iss.net/security_center/static/9310.phphttp://www.securityfocus.com/bid/4969http://www.securityfocus.com/bid/4974
2002-10-04
Published