cbcvebase.

Mnogosearch vulnerabilities

7 known vulnerabilities affecting mnogosearch/mnogosearch.

Total CVEs
7
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2003-0436P3HIGHCVSS 7.5PoCv3.1.202003-07-24
CVE-2003-0436 [HIGH] CVE-2003-0436: Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary co Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
nvd
CVE-2003-0437P3HIGHCVSS 7.5PoCv3.2.102003-07-24
CVE-2003-0437 [HIGH] CVE-2003-0437: Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary co Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
nvd
CVE-2011-5235P3HIGHCVSS 7.5≤ 3.3.11v3.1.19+28 more2012-10-25
CVE-2011-5235 [HIGH] CWE-89 CVE-2011-5235: SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrar SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
nvd
CVE-2004-0288P4CRITICALCVSS 10.0v3.1.19v3.1.20+4 more2004-11-23
CVE-2004-0288 [CRITICAL] CVE-2004-0288: Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow rem Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document.
nvd
CVE-2002-0789P4HIGHCVSS 7.5≤ 3.1.192002-08-12
CVE-2002-0789 [HIGH] CVE-2002-0789: Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute a Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.
nvd
CVE-2007-5588P4MEDIUMCVSS 4.3≤ 3.2.422007-10-19
CVE-2007-5588 [MEDIUM] CWE-79 CVE-2007-5588: Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inj Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist.
nvd
CVE-2004-1059P4MEDIUMCVSS 4.3v3.1.19v3.1.20+15 more2004-12-10
CVE-2004-1059 [MEDIUM] CVE-2004-1059: Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote a Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
nvd
Mnogosearch vulnerabilities | cvebase