Lucene search
K

4 matches found

Circl
Circl
added 2024/01/23 7:26 p.m.10 views

CVE-2024-22203

creationtimestamp| type| source ---|---|--- 2024-01-23 19:26:45+00:00| seen| https://t.me/ctinow/172246 2024-01-30 19:17:11+00:00| seen| https://t.me/ctinow/176188 2024-02-17 11:06:51+00:00| seen| https://t.me/ctinow/186866...

9.8CVSS7.3AI score0.01003EPSS
Exploits1References3
NVD
NVD
added 2024/01/23 6:15 p.m.38 views

CVE-2024-22203

Whoogle Search is a self-hosted metasearch engine. In versions prior to 0.8.4, the element method in app/routes.py does not validate the user-controlled srctype and elementurl variables and passes them to the send method which sends a GET request on lines 339-343 in request.py, which leads to a...

9.8CVSS9.1AI score0.01003EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/01/23 5:20 p.m.44 views

CVE-2024-22203 Whoogle Search Server Side Request Forgery vulnerability

Whoogle Search is a self-hosted metasearch engine. In versions prior to 0.8.4, the element method in app/routes.py does not validate the user-controlled srctype and elementurl variables and passes them to the send method which sends a GET request on lines 339-343 in request.py, which leads to a...

9.1CVSS9.5AI score0.01003EPSS
Exploits1References7
CVE
CVE
added 2024/01/23 5:20 p.m.43 views

CVE-2024-22203

Whoogle Search (self-hosted metasearch) is affected in versions before 0.8.4 by an SSRF flaw: the element method in app/routes.py fails to validate user-controlled src_type and element_url, forwarding them to send which performs a GET request. This allows crafting requests to internal and externa...

9.8CVSS9.1AI score0.01003EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder