Lucene search
K

13 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters. A...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Open Proxy Relay

No description provided by source. source: http://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters. A...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/01/16 12:0 a.m.26 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. RiSearch PHP: crossite scripting...

1.5AI score
Exploits0References5
securityvulns
securityvulns
added 2008/01/15 12:0 a.m.34 views

Cross-Site Scripting vulnerability in RiSearch PHP

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в RiSearch PHP это локальный поисковый движок. XSS: http://site/search/searchru.php?query=223E3Cscript3Ealertdocument.cookie3C/script3E Уязвимы старые версии движка. Последняя версия движка уже неуязвима...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2008/01/13 12:0 a.m.37 views

Cross-Site Scripting vulnerability in RiSearch

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в RiSearch это локальный поисковый движок. XSS: http://site/search.pl?query=3Cscript3Ealertdocument.cookie3C/script3E Уязвима версия RiSearch 0.99.02 и все предыдущие, а также потенциально последующие версии...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2008/01/13 12:0 a.m.24 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. RiSearch: crossite scripting...

1.4AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2006/12/08 12:0 a.m.15 views

RiSearch和RiSearchPro多个安全漏洞 Exploit

No description provided by source. Phil Robinson、Gerald Gallagher和Kendric Tang提供了如下测试方法: http://10.0.0.0/cgi-bin/search/show.pl?url=http://www.google.com http://10.0.0.0/cgi-bin/search/show.pl?url=http://192.168.0.1 http://10.0.0.0/cgi-bin/search/show.pl?url=http://localhost:8080...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.23 views

RiSearch Arbitrary File Access Vulnerability - Active Check

RiSearch is prone to a flaw that may lead to an unauthorized information disclosure. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.8CVSS9.3AI score0.05703EPSS
Exploits1References1
CVE
CVE
added 2005/05/10 4:0 a.m.55 views

CVE-2004-2061

RiSearch shows a vulnerability in the show.pl CGI script that allows an attacker to use the remote host as an open proxy and to read arbitrary local files by passing a url parameter with http://, ftp://, or file://. Affected software/versions include RiSearch 1.0.01 and RiSearch Pro 3.2.06. The u...

9.8CVSS9.3AI score0.05703EPSS
Exploits1References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2004/08/04 12:0 a.m.23 views

RiSearch show.pl Arbitrary File Access

The remote host appears to be running RiSearch, a local search engine. This version contains an information disclosure vulnerability. Passing a local file URI to 'show.pl' reveals that file's contents. A remote attacker could use this information to read arbitrary files from the system, which cou...

9.8CVSS5.7AI score0.05703EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2004/08/02 12:0 a.m.35 views

RiSearch show.pl Open Proxy Relay

The remote host seems to be running RiSearch, a local search engine. There is a flaw in the CGI 'show.pl' which is bundled with this software that could allow an attacker to use the remote host as an open proxy by doing a request like :...

9.8CVSS5.6AI score0.05703EPSS
Exploits1References1
securityvulns
securityvulns
added 2004/07/28 12:0 a.m.30 views

IRM 009: RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- IRM Security Advisory No. 009 RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities Vulnerablity Type / Importance: Network Subversion, Open Proxy, Brute-For...

7.1AI score
Exploits0
NVD
NVD
added 2004/07/27 4:0 a.m.14 views

CVE-2004-2061

RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a 1 http://, 2 ftp://, or 3 file:// URL...

9.8CVSS9.3AI score0.05703EPSS
Exploits1References7
Rows per page
Query Builder