18 matches found
CVE-2020-10129
SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation: a lower user is able to access Admin functionality...
CVE-2020-10131
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter...
EUVD-2015-0977
Malware in sbrugna...
EUVD-2015-0976
Malware in sbrugna...
EUVD-2020-2591
Malware in sbrugna...
EUVD-2015-7817
Malware in sbrugna...
EUVD-2020-2594
Malware in sbrugna...
CVE-2020-35580
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBl...
CVE-2020-10132
SearchBlox before Version 9.1 is vulnerable to cross-origin resource sharing misconfiguration...
CVE-2020-10128
SearchBlox product with version before 9.2.1 is vulnerable to stored cross-site scripting at multiple user input parameters. In SearchBlox products multiple parameters are not sanitized/validated properly, which allows an attacker to inject malicious JavaScript...
CVE-2013-3597
servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action...
CVE-2013-3590
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to ...
CVE-2020-10131
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter...
PT-2023-11441 · Unknown · Searchblox
Name of the Vulnerable Software and Affected Versions: SearchBlox versions prior to 9.2.1 Description: The issue allows a lower user to access Admin functionality, resulting in Privileged Escalation. Recommendations: For versions prior to 9.2.1, update to version 9.2.1 or later to resolve the iss...
SearchBlox Security Breach
SearchBlox is an application from US-based SearchBlox, Inc. that provides a powerful enterprise search architecture for on-premise or cloud deployments. A security vulnerability exists in SearchBlox versions prior to 9.2.1. An attacker can escalate privileges by exploiting the vulnerability...
PT-2023-11440 · Unknown · Searchblox
Name of the Vulnerable Software and Affected Versions: SearchBlox versions prior to 9.2.1 Description: The issue concerns stored cross-site scripting in the SearchBlox product, where multiple user input parameters are not properly sanitized or validated. This allows an attacker to inject maliciou...
CVE-2020-35580
Summary: CVE-2020-35580 is a local file inclusion vulnerability in the SearchBlox FileServlet (versions before 9.2.2). The issue allows remote, unauthenticated attackers to read arbitrary files from the OS (via /searchblox/servlet/FileServlet?col=url=) and may expose the SearchBlox configuration ...
Information disclosure
SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the cluster/health URI...