Lucene search
K

65 matches found

NVD
NVD
added 2012/10/25 5:55 p.m.15 views

CVE-2011-5235

SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link...

7.5CVSS8.3AI score0.01889EPSS
Exploits0References5
Prion
Prion
added 2012/10/25 5:55 p.m.16 views

Sql injection

SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link...

7.5CVSS9AI score0.01889EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2012/10/25 5:0 p.m.18 views

CVE-2011-5235

SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link...

8.3AI score0.01889EPSS
Exploits0References5
CVE
CVE
added 2012/10/25 5:0 p.m.47 views

CVE-2011-5235

The affected product is mnoGoSearch (

7.5CVSS8.6AI score0.01889EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.26 views

FreeBSD Ports: mnogosearch

The remote host is missing an update to the system as announced in the referenced advisory. VID 87cc48fd-5fdd-11d8-80e3-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

10CVSS0.2AI score0.05178EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.17 views

FreeBSD Ports: mnogosearch

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS7.1AI score0.05178EPSS
Exploits0References3
securityvulns
securityvulns
added 2008/04/20 12:0 a.m.34 views

Vulnerability in mnoGoSearch

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в mnoGoSearch локальной поисковой системе. Уязвимость в скрипте search.php3 в параметре q. XSS: http://site/search/search.php3?q=3C/title3E3Cscript3Ealertdocument.cookie3C/script3E Уязвима версия mnoGoSearch 3.3.6 и...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2008/04/20 12:0 a.m.30 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. mnoGoSearch: crossite scripting in search.php3 via q parameter...

2.5AI score
Exploits0References4Affected Software2
OSV
OSV
added 2007/12/25 12:0 a.m.7 views

DTSA-103-1 mnogosearch - cross-site scripting

Bulletin has no description...

4.3CVSS6.9AI score0.01089EPSS
Exploits0
Prion
Prion
added 2007/10/19 11:17 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist...

4.3CVSS6.1AI score0.01089EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2007/10/19 11:17 p.m.11 views

CVE-2007-5588

Cross-site scripting XSS vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist...

4.3CVSS5.7AI score0.01089EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2007/10/19 11:17 p.m.19 views

CVE-2007-5588

Cross-site scripting XSS vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist...

4.3CVSS6.1AI score0.01089EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/10/19 11:0 p.m.21 views

CVE-2007-5588

Cross-site scripting XSS vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist...

5.7AI score0.01089EPSS
Exploits0References5
CVE
CVE
added 2007/10/19 11:0 p.m.49 views

CVE-2007-5588

CVE-2007-5588 affects mnoGoSearch prior to 3.2.43. The vulnerability is a cross-site scripting (XSS) flaw triggered by the t parameter in search.cgi (reachable via search.htm-dist), allowing injection of arbitrary web script/HTML. Root cause is unsanitized user input in the t parameter. No explic...

4.3CVSS5.7AI score0.01089EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.36 views

mnoGoSearch 3.1.20 Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl reloaded Remote Exploit for mnoGoSearch 3.1.20 that performs remote command execution as the webserver user id for linux ix86 by pokleyzz use IO::Socket; $host = "127.0.0.1"; $cmd = "ls -la"; $searchpath = "/cgi-bin/search.cgi"; $rawret =...

7.1AI score
Exploits0
Prion
Prion
added 2006/04/13 10:2 a.m.22 views

Default credentials

debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...

7.2CVSS6.6AI score0.00379EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2006/04/13 10:2 a.m.18 views

CVE-2006-1772

debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...

7.2CVSS6.4AI score0.00379EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2006/04/13 10:2 a.m.32 views

CVE-2006-1772

debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...

7.2CVSS5.9AI score0.00379EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/04/13 10:0 a.m.21 views

CVE-2006-1772

debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...

6.4AI score0.00379EPSS
Exploits0References3
CVE
CVE
added 2006/04/13 10:0 a.m.47 views

CVE-2006-1772

CVE-2006-1772 affects Debian GNU/Linux where, during configuration of mnogosearch in the mnogosearch-common 3.2.31-1 package, the debconf process stores the cleartext database administrator password in a world-readable config.dat instead of the restricted passwords.dat in mnogosearch-common/datab...

7.2CVSS6.4AI score0.00379EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder