Vulnerabilities > Mnogosearch

DATE CVE VULNERABILITY TITLE RISK
2012-10-25 CVE-2011-5235 SQL Injection vulnerability in Mnogosearch
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
network
low complexity
mnogosearch CWE-89
7.5
2007-10-19 CVE-2007-5588 Cross-Site Scripting vulnerability in Mnogosearch
Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist.
4.3
2004-12-10 CVE-2004-1059 Cross-Site Scripting vulnerability in mnoGoSearch
Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
network
mnogosearch
4.3
2004-11-23 CVE-2004-0288 Buffer Overflow vulnerability in mnoGoSearch UdmDocToTextBuf
Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document.
network
low complexity
mnogosearch
critical
10.0
2003-07-24 CVE-2003-0437 Buffer Overflow vulnerability in Mnogosearch 3.2.10
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
network
low complexity
mnogosearch
7.5
2003-07-24 CVE-2003-0436 Buffer Overflow vulnerability in Mnogosearch 3.1.20
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
network
low complexity
mnogosearch
7.5
2002-08-12 CVE-2002-0789 Buffer Overflow vulnerability in Mnogosearch 3.1.19
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.
network
low complexity
mnogosearch
7.5