Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 23 Mar 2012 10:56:58 +0200
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Geeklog 1.7.1 <= Cross Site Scripting Vulnerability

Original request here: http://seclists.org/oss-sec/2011/q1/547

http://www.geeklog.net/article.php/geeklog-1.7.1sr1
http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/20a98e6bab20
http://yehg.net/lab/pr0js/advisories/[geeklog1.7.1]_cross_site_scripting
http://osvdb.org/show/osvdb/70245
http://secunia.com/advisories/42775/

This might have been left unassigned because of 'admin/configuration.php', but at least Geeklog thinks this as important security vulnerability. Needs 2010 identifier, thanks.

- Henri Salo

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ