CVE-2003-1347 — MEDIUM severity vulnerability (Multiple cross-site scripting (XSS) vulnerabilities in Geekl)
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
| CVE ID | CVE-2003-1347 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 4.3 |
| CVSS vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| CWE | CWE-79 |
| Status | Modified |
| Published | 2003-12-31 |
| Last modified | 2026-04-16 |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →