77 matches found
EUVD-2026-36768
An information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitive information via a crafted GET request...
CVE-2026-50870
An information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitive information via a crafted GET request...
CVE-2026-50870
An information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitive information via a crafted GET request...
PT-2026-49311
Name of the Vulnerable Software and Affected Versions whoogle-search version 1.2.3 Description An information disclosure issue in the configuration endpoint allows attackers to obtain sensitive information by sending a crafted GET request. Recommendations At the moment, there is no information...
CVE-2026-50870
CVE-2026-50870 describes an information-disclosure flaw in the configuration endpoint of Ben Busby’s whoogle-search v1.2.3. The vulnerability is triggered by a crafted GET request against the configuration endpoint, and allows attackers to obtain sensitive information. The available connected doc...
EUVD-2024-54416
Malicious code in bioql PyPI...
EUVD-2024-0192
Malicious code in bioql PyPI...
EUVD-2022-0365
Malicious code in bioql PyPI...
EUVD-2024-0189
Malicious code in bioql PyPI...
EUVD-2024-0190
Malicious code in bioql PyPI...
CVE-2024-22204
Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the configuration options in Whoogle are enabled. The config function in app/routes.py does not validate the user-controlled name variable on line 447 and configdata variable o...
CVE-2024-22417
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the element method in app/routes.py does not validate the user-controlled srctype and elementurl variables and passes them to the send method which sends a GET request on lines 339-343 in requests.py. The returned...
Deserialization Of Untrusted Data
Whoogle Search is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper input sanitization due to the handling of crafted search queries in the /models/config.py component...
CVE-2024-53305
An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...
Whoogle allows attackers to execute arbitrary code via supplying a crafted search query
An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...
CVE-2024-53305
An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...
CVE-2024-53305
An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...
CVE-2024-53305
An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...
whoogle-search 安全漏洞
whoogle-search is an application from the personal developer Ben Busby. Self-hosted, ad-free, privacy-respecting meta-search engine. A security vulnerability exists in whoogle-search version v0.9.0, which stems from the /models/config.py component that allows execution of arbitrary code via a...
CVE-2024-53305
An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...