Mnogosearch
Products
1- 7 CVEs
Recent CVEs
7| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2003-0436 | 0.04 | — | 0.13 | Jul 24, 2003 | Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter. | ||
| CVE-2003-0437 | 0.03 | — | 0.05 | Jul 24, 2003 | Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter. | ||
| CVE-2011-5235 | 0.00 | — | 0.00 | Oct 25, 2012 | SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link. | ||
| CVE-2007-5588 | 0.00 | — | 0.00 | Oct 19, 2007 | Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist. | ||
| CVE-2004-1059 | 0.00 | — | 0.01 | Dec 10, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms. | ||
| CVE-2004-0288 | 0.00 | — | 0.05 | Nov 23, 2004 | Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document. | ||
| CVE-2002-0789 | 0.00 | — | 0.04 | Aug 12, 2002 | Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter. |
- CVE-2003-0436Jul 24, 2003risk 0.04cvss —epss 0.13
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
- CVE-2003-0437Jul 24, 2003risk 0.03cvss —epss 0.05
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
- CVE-2011-5235Oct 25, 2012risk 0.00cvss —epss 0.00
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
- CVE-2007-5588Oct 19, 2007risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist.
- CVE-2004-1059Dec 10, 2004risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
- CVE-2004-0288Nov 23, 2004risk 0.00cvss —epss 0.05
Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document.
- CVE-2002-0789Aug 12, 2002risk 0.00cvss —epss 0.04
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.