65 matches found
CVE-2011-5235
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link...
Sql injection
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link...
CVE-2011-5235
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link...
CVE-2011-5235
The affected product is mnoGoSearch (
FreeBSD Ports: mnogosearch
The remote host is missing an update to the system as announced in the referenced advisory. VID 87cc48fd-5fdd-11d8-80e3-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: mnogosearch
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Vulnerability in mnoGoSearch
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в mnoGoSearch локальной поисковой системе. Уязвимость в скрипте search.php3 в параметре q. XSS: http://site/search/search.php3?q=3C/title3E3Cscript3Ealertdocument.cookie3C/script3E Уязвима версия mnoGoSearch 3.3.6 и...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. mnoGoSearch: crossite scripting in search.php3 via q parameter...
DTSA-103-1 mnogosearch - cross-site scripting
Bulletin has no description...
Cross site scripting
Cross-site scripting XSS vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist...
CVE-2007-5588
Cross-site scripting XSS vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist...
CVE-2007-5588
Cross-site scripting XSS vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist...
CVE-2007-5588
Cross-site scripting XSS vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist...
CVE-2007-5588
CVE-2007-5588 affects mnoGoSearch prior to 3.2.43. The vulnerability is a cross-site scripting (XSS) flaw triggered by the t parameter in search.cgi (reachable via search.htm-dist), allowing injection of arbitrary web script/HTML. Root cause is unsanitized user input in the t parameter. No explic...
mnoGoSearch 3.1.20 Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl reloaded Remote Exploit for mnoGoSearch 3.1.20 that performs remote command execution as the webserver user id for linux ix86 by pokleyzz use IO::Socket; $host = "127.0.0.1"; $cmd = "ls -la"; $searchpath = "/cgi-bin/search.cgi"; $rawret =...
Default credentials
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...
CVE-2006-1772
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...
CVE-2006-1772
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...
CVE-2006-1772
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...
CVE-2006-1772
CVE-2006-1772 affects Debian GNU/Linux where, during configuration of mnogosearch in the mnogosearch-common 3.2.31-1 package, the debconf process stores the cleartext database administrator password in a world-readable config.dat instead of the restricted passwords.dat in mnogosearch-common/datab...