Unrated severityNVD Advisory· Published May 31, 2006· Updated Apr 16, 2026
CVE-2006-2699
CVE-2006-2699
Description
Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inject arbitrary HTML or web script via the image argument in a show action.
Affected products
41cpe:2.3:a:geeklog:geeklog:1.3:*:*:*:*:*:*:*+ 40 more
- cpe:2.3:a:geeklog:geeklog:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.10_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.10_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.10_rc3:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.11_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.11_sr1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.11_sr2:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.11_sr3:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.11_sr4:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.35:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.5_sr1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.7_sr1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.7_sr2:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.7_sr3:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.7_sr4:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.7_sr5:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.8_1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr2:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr3:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr4:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr5:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.8_1_sr6:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.9_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.9_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.9_rc3:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.9_sr1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.9_sr2:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.9_sr3:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.3.9_sr4:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.4.0_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.4.0_sr1:*:*:*:*:*:*:*
- cpe:2.3:a:geeklog:geeklog:1.4.0_sr2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.geeklog.net/index.phpnvdPatch
- kapda.ir/advisory-336.htmlnvdExploitPatchVendor Advisory
- secunia.com/advisories/20316nvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/18154nvdExploitPatch
- securityreason.com/securityalert/993nvd
- www.securityfocus.com/archive/1/435295/100/0/threadednvd
- www.vupen.com/english/advisories/2006/2050nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26862nvd
News mentions
0No linked articles in our index yet.