Geeklog 1.4.0sr1 and 1.3.11sr4


James Bercegay of GulfTech Security Research reported several issues with Geeklog’s cookie handling that made it vulnerable to SQL injections, arbitrary file access, and even injection and execution of arbitrary code. To fix those issues, we are releasing Geeklog 1.4.0sr1 and 1.3.11sr4 and strongly suggest that you install those updates as soon as possible.

For full details and upgrading instructions, please read the release announcement.


Stats for Geeklog