5 matches found
PT-2013-17: Arbitrary Files Reading in mnoGoSearch
Positive Technologies experts have detected an Arbitrary Files Reading vulnerability in mnoGoSearch. Passing startup parameters via QUERYSTRING http://tools.ietf.org/html/draft-robinson-www-interface-00section-7 for an application running in CGI mode can be used to set page template path variable...
PT-2013-18: Variables Overwriting in mnoGoSearch
Positive Technologies experts have detected a Cross-Site Scripting vulnerability in mnoGoSearch. Due to incorrect application architecture, all the template variables and variables sent by the client are stored in the same list. This vulnerability allows attackers to overwrite any uninitialized...
MNOGoSearch 3.1.20 - search.cgi?UL Remote Buffer Overflow (1)
MNOGoSearch 3.1.20 - search.cgi?UL Remote Buffer Overflow 1 source: https://www.securityfocus.com/bid/7865/info mnoGoSearch 'search.cgi' has been reported prone to a buffer overflow vulnerability. The issue is a result of a lack of sufficient bounds checking performed on user-supplied URI...
CVE-2002-0789
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query q parameter...
CVE-2002-0789
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query q parameter...