<<< Date Index >>>     <<< Thread Index >>>

Geeklog <=1.5.2 'SESS_updateSessionTime()' vulnerability



As the vendor stated, see:
http://www.geeklog.net/article.php/geeklog-1.5.2sr2

geeklog is also vulnerable to this:
http://www.securityfocus.com/bid/34361/info

actually this should be renamed in 

glFusion 'SESS_updateSessionTime()' SQL Injection Vulnerability