VULHUB ™

Geeklog is freely available, open-source weblog software. It allows users to create a virtual community area, complete with user administration, story posting, etc. It is written in PHP and will run on most Unix and Linux variants, as well as Microsoft Windows NT/2000. Geeklog is backended by MySQL. A vulnerability has been discovered in Geeklog version 1.3 that may allow the unprivileged, regular user to sign onto the service to gain admin rights. The first new user to create an account with the service is a member of the GroupAdmin/UserAdmin Groups, which allows for administration of both users and groups. This is due to an oversight in the design of the product.

Geeklog is freely available, open-source weblog software. It allows users to create a virtual community area, complete with user administration, story posting, etc. It is written in PHP and will run on most Unix and Linux variants, as well as Microsoft Windows NT/2000. Geeklog is backended by MySQL. A vulnerability has been discovered in Geeklog version 1.3 that may allow the unprivileged, regular user to sign onto the service to gain admin rights. The first new user to create an account with the service is a member of the GroupAdmin/UserAdmin Groups, which allows for administration of both users and groups. This is due to an oversight in the design of the product.