Vulnerabilities > Mnogosearch > Mnogosearch > 3.2.42
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-10-25 | CVE-2011-5235 | SQL Injection vulnerability in Mnogosearch SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link. | 7.5 |
2007-10-19 | CVE-2007-5588 | Cross-Site Scripting vulnerability in Mnogosearch Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist. | 4.3 |