Pro Search » Pro Search : Security Vulnerabilities, CVEs,
Multiple cross-site scripting (XSS) vulnerabilities in PRO-Search 0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prot, (2) host, (3) path, (4) name, (5) ext, (6) size, (7) search_days, or (8) show_page parameter to the default URI.
Max CVSS
4.3
EPSS Score
2.60%
Published
2008-01-10
Updated
2018-10-15
PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI.
Max CVSS
5.0
EPSS Score
1.85%
Published
2008-01-10
Updated
2018-10-15
2 vulnerabilities found