Lucene search
K

25 matches found

NVD
NVD
added 2026/04/24 3:16 p.m.7 views

CVE-2025-61872

Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via a malicious search query string. This occurs in the 'search site' feature when using the Elasticsearch7 search plugin. The Elasticsearch function does not properly sanitize input in the query paramete...

6.1CVSS0.00192EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/24 12:0 a.m.5 views

CVE-2025-61872

Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via a malicious search query string. This occurs in the 'search site' feature when using the Elasticsearch7 search plugin. The Elasticsearch function does not properly sanitize input in the query paramete...

5.2AI score0.00192EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/24 12:0 a.m.5 views

EUVD-2025-209573

Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via a malicious search query string. This occurs in the 'search site' feature when using the Elasticsearch7 search plugin. The Elasticsearch function does not properly sanitize input in the query paramete...

6.1CVSS5.1AI score0.00192EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.16 views

PT-2026-34881

Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via a malicious search query string. This occurs in the 'search site' feature when using the Elasticsearch7 search plugin. The Elasticsearch function does not properly sanitize input in the query paramete...

6.1CVSS5.1AI score0.00192EPSS
Exploits0References4
CVE
CVE
added 2026/04/24 12:0 a.m.14 views

CVE-2025-61872

CVE-2025-61872 affects Mahara prior to 25.04.2 and 24.04.11. The issue occurs in the search site feature when using the Elasticsearch7 search plugin, where the Elasticsearch function does not properly sanitize input in the query parameter, potentially allowing a malicious search query to trigger ...

6.1CVSS5.2AI score0.00192EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:0 a.m.4 views

CVE-2025-61872

Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via a malicious search query string. This occurs in the 'search site' feature when using the Elasticsearch7 search plugin. The Elasticsearch function does not properly sanitize input in the query paramete...

5.2AI score0.00192EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2006-0251

Malware in sbrugna...

4.3CVSS6.4AI score0.0118EPSS
Exploits0References6
Openbugbounty
Openbugbounty
added 2018/08/02 8:5 p.m.8 views

mardigras.org.au XSS vulnerability

Open Bug Bounty ID: OBB-657598 Description| Value ---|--- Affected Website:| mardigras.org.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2017/04/22 7:13 p.m.17 views

luxottica.com XSS vulnerability

Vulnerable URL: http://www.luxottica.com/en/search/site/"/alert/openbugbounty/...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/09/21 12:51 p.m.7 views

sete.port.fr XSS vulnerability

Vulnerable URL: http://www.sete.port.fr/fr/search/site/%3Cscript%3Ealert'OPENBUGBOUNTY'%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2095777 VIP website status:| No...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/11/03 1:43 p.m.9 views

clo-cartoon.fr XSS vulnerability

Vulnerable URL: http://www.clo-cartoon.fr//search/site/?q= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP website status:| No...

6.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/11/02 10:58 p.m.6 views

annuaireweb62.fr XSS vulnerability

Vulnerable URL: http://www.annuaireweb62.fr//search/site/?q= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 1 VIP website status:| No...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/10/29 1:41 p.m.11 views

elevagedupetitverger.com XSS vulnerability

Vulnerable URL: http://www.elevagedupetitverger.com//search/site/?q= Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 20:28 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/10/29 7:59 a.m.8 views

chien-admis.be XSS vulnerability

Vulnerable URL: http://www.chien-admis.be//search/site/?q= Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 20:16 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1405478 Google Pagerank| 4 VIP website status:| ...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/10/29 12:49 a.m.8 views

saladeat.re XSS vulnerability

Vulnerable URL: http://www.saladeat.re//search/site/?q= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP website status:| No Check...

6.3AI score
Exploits0
NVD
NVD
added 2010/06/03 4:30 p.m.15 views

CVE-2010-2154

Cross-site scripting XSS vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS5.8AI score0.02995EPSS
Exploits1References5
Prion
Prion
added 2010/06/03 4:30 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS6.3AI score0.02995EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2010/06/03 4:0 p.m.45 views

CVE-2010-2154

CMScout is affected by a Cross-Site Scripting (XSS) vulnerability in the Search Site. The issue concerns the search parameter in CMScout 2.09 (and possibly other versions), where an attacker can inject arbitrary web script or HTML. The underlying cause is XSS in the search input, allowing remote ...

4.3CVSS6AI score0.02995EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2010/06/03 4:0 p.m.21 views

CVE-2010-2154

Cross-site scripting XSS vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information...

5.8AI score0.02995EPSS
Exploits1References5
Prion
Prion
added 2007/09/18 8:17 p.m.15 views

Sql injection

SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action...

7.5CVSS8.9AI score0.01006EPSS
Exploits0References3
Rows per page
Query Builder