Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google mini search appliance vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-6223
Cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini allows remote malicious users to inject arbitrary web script or HTML via a UTF-7 encoded q parameter.
Google Mini Search Appliance
Google Search Appliance
4.3
CVSSv2
CVE-2005-3754
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote malicious users to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the res...
Google Mini Search Appliance
Google Search Appliance
5
CVSSv2
CVE-2005-3755
Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote malicious users to determine the existence of arbitrary files via a relative path from a style sheet directory, then comparing the resulting error messages.
Google Mini Search Appliance
Google Search Appliance
5
CVSSv2
CVE-2005-3756
Google Mini Search Appliance, and possibly Google Search Appliance, allows remote malicious users to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports.
Google Mini Search Appliance
Google Search Appliance
7.5
CVSSv2
CVE-2005-3757
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote malicious users to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, su...
Google Mini Search Appliance
Google Search Appliance
2 EDB exploits
4.3
CVSSv2
CVE-2005-3758
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote malicious users to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style...
Google Mini Search Appliance
Google Search Appliance
5
CVSSv2
CVE-2006-5019
Google Mini 4.4.102.M.36 and previous versions allows remote malicious users to obtain sensitive information via a direct request for /search with an invalid client parameter, which reveals the path in an error message.
Google Mini Search Appliance
1 EDB exploit
4.3
CVSSv2
CVE-2007-5255
Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote malicious users to inject arbitrary web script or HTML via the ie parameter to the /search URI.
Google Mini Search Appliance 3.4.14
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started