Mini Search Appliance Security Vulnerabilities and Issues — Mini Search Appliance CVE List

GoogleMini Search Appliance

8 matches found

CVE•added 2005/11/22 9:0 p.m.•69 views

CVE-2005-3756

Nessus plugin data in the connected document associates CVE-2005-3756 with Google Search Appliance proxystylesheet vulnerabilities that include remote access flaws enabling port scanning and potential code execution (via unsanitized proxystylesheet input). The CVE description in the initial docum...

5CVSS6.9AI score0.01848EPSS

CVE•added 2005/11/22 9:0 p.m.•63 views

CVE-2005-3758

CVE-2005-3758 is an XSS in Google Mini Search Appliance (and possibly Google Search Appliance) triggered by a malicious proxystylesheet in the proxystylesheet variable, allowing remote injection of Javascript/HTML. Affected: proxystylesheet handling; vulnerability type: XSS. Impact (per provided ...

4.3CVSS5.9AI score0.1911EPSS

CVE•added 2005/11/22 9:0 p.m.•58 views

CVE-2005-3755

CVE-2005-3755 describes a directory traversal vulnerability in Google Mini Search Appliance (and possibly Google Search Appliance). The issue allows remote attackers to determine existence of arbitrary files by supplying a relative path from a style sheet directory and inspecting error messages. ...

5CVSS6.8AI score0.03599EPSS

CVE•added 2005/11/22 9:0 p.m.•56 views

CVE-2005-3754

CVE-2005-3754 describes a cross-site scripting (XSS) vulnerability in the Google Mini Search Appliance, and possibly Google Search Appliance, caused by insufficient sanitization of the proxystylesheet parameter. The flaw allows remote attackers to inject arbitrary Javascript (and potentially othe...

4.3CVSS5.9AI score0.02483EPSS

CVE•added 2005/11/22 9:0 p.m.•56 views

CVE-2005-3757

The CVE-2005-3757 issue affects the Saxon XSLT parser used by Google Mini Search Appliance (and possibly Google Search Appliance). The vulnerability arises from dangerous Java methods (system-property, sys:getProperty, run:exec) in the select attribute of xsl:value-of in XSLT style sheets, enabli...

7.5CVSS7.4AI score0.42176EPSS

Web

CVE•added 2006/12/02 2:0 a.m.•52 views

CVE-2006-6223

The vulnerability CVE-2006-6223 affects Google Mini and Google Search Appliance. Both products fail to handle UTF-7 encoded URIs, which may allow a remote, unauthenticated attacker to inject arbitrary content (including script) into web pages, potentially reading or modifying page data and relate...

4.3CVSS5.6AI score0.02938EPSS

CVE•added 2007/10/06 5:0 p.m.•52 views

CVE-2007-5255

CVE-2007-5255 describes an XSS vulnerability in Google Mini Search Appliance 3.4.14. The flaw allows remote attackers to inject arbitrary web script or HTML by supplying content to the ie parameter of the /search URI. The issue is evidenced in multiple sources (NVD/NVD-affiliates, Nessus plugin) ...

4.3CVSS5.6AI score0.02018EPSS

CVE•added 2006/09/27 11:0 p.m.•51 views

CVE-2006-5019

CVE-2006-5019 affects Google Mini up to version 4.4.102.M.36. The issue is an information-disclosure vulnerability: an attacker can issue a direct request to /search with an invalid client parameter and the error message reveals the path, exposing partial confidentiality risk. The NVD entry lists...

5CVSS6.5AI score0.04021EPSS