Mnogosearch » Mnogosearch : Security Vulnerabilities, CVEs,
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
Max CVSS
7.5
EPSS Score
0.30%
Published
2012-10-25
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist.
Max CVSS
4.3
EPSS Score
0.26%
Published
2007-10-19
Updated
2017-07-29
Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
Max CVSS
4.3
EPSS Score
0.35%
Published
2004-12-10
Updated
2017-07-11
Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document.
Max CVSS
10.0
EPSS Score
4.90%
Published
2004-11-23
Updated
2017-07-11
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
Max CVSS
7.5
EPSS Score
1.84%
Published
2003-07-24
Updated
2008-09-10
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
Max CVSS
7.5
EPSS Score
1.84%
Published
2003-07-24
Updated
2008-09-10
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.
Max CVSS
7.5
EPSS Score
9.70%
Published
2002-08-12
Updated
2008-09-05
7 vulnerabilities found