
Diesl0W

#37722 of 53,639
7.5 CVSS total
Vulnerabilities · 1
PT-2007-4107
7.5
2007-05-22
Geeklog · Geeklog · CVE-2007-2793
**Name of the Vulnerable Software and Affected Versions**
Geeklog versions 2.x

**Description**
The issue allows remote attackers to execute arbitrary PHP code via a URL in the `glConf[path system]` parameter in ImageImageMagick.php.

**Recommendations**
For Geeklog version 2.x, update the ImageImageMagick.php file to properly validate and sanitize the `glConf[path system]` parameter to prevent remote file inclusion attacks. As a temporary workaround, consider restricting access to the ImageImageMagick.php file until a patch is available.