Geeklog Multiple Remote File Include Vulnerabilities

Geeklog Multiple Remote File Include Vulnerabilities

Geeklog is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.

A successful exploit of these issues allows the attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

The vendor indicates that this issue affects only misconfigured installations done via auto-installers.