Family: CGI abuses --> Category: attack
Geeklog session Cookie Authentication Bypass Vulnerability Scan
Vulnerability Scan Summary
Tries to bypass authentication in Geeklog
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that is affected by
an authentication bypass issue.
The remote host is running Geeklog, an open-source weblog powered by
PHP and MySQL.
The version of Geeklog installed on the remote host contains a flaw in its
session-handling library that can be exploited by an attacker to
bypass authentication and gain access as any user, including the
See also :
Upgrade to Geeklog 1.3.9sr5 / 1.3.11sr5 / 1.4.0sr2 or later.
Medium / CVSS Base Score : 4.9