Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2010/03/22 12:0 a.m.31 views

DNN (DotNetNuke) < 5.3.0 SearchResults.aspx XSS

The version of DNN installed on the remote host is affected by a cross-site scripting vulnerability due to a failure to properly sanitize user-supplied input to the 'Search' parameter of the 'SearchResults.aspx' script before using it to generate dynamic HTML output. An unauthenticated, remote...

4.3CVSS5.8AI score0.01659EPSS
Exploits0References2
NVD
NVD
added 2009/11/29 1:8 p.m.24 views

CVE-2009-4110

Cross-site scripting XSS vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page...

4.3CVSS5.6AI score0.01659EPSS
Exploits0References5
CVE
CVE
added 2009/11/28 11:0 a.m.68 views

CVE-2009-4110

The CVE-2009-4110 entry applies to DotNetNuke (DNN) 4.8.x through 5.1.4, where the Search functionality in SearchResults.aspx is vulnerable to cross-site scripting (XSS) due to insufficient sanitization of the user-provided search terms before dynamic HTML output. The vulnerability is exploitable...

4.3CVSS5.6AI score0.01659EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/11/28 11:0 a.m.24 views

CVE-2009-4110

Cross-site scripting XSS vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page...

5.6AI score0.01659EPSS
Exploits0References5
Rows per page
Query Builder