Vulnerabilities > Google > Mini Search Appliance > 3.4.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-06 | CVE-2007-5255 | Cross-Site Scripting vulnerability in Google Mini Search Appliance 3.4.14 Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote attackers to inject arbitrary web script or HTML via the ie parameter to the /search URI. | 4.3 |
2006-09-27 | CVE-2006-5019 | Information Disclosure vulnerability in Google Mini Search Appliance 3.4.14/4.4.102.M.36 Google Mini 4.4.102.M.36 and earlier allows remote attackers to obtain sensitive information via a direct request for /search with an invalid client parameter, which reveals the path in an error message. | 5.0 |