Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sphider sphider vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5082
Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and previous versions, Sphider Pro, and Sphider-plus allow remote malicious users to execute arbitrary SQL commands via the (1) site_id or (2) url parameter.
Sphider Sphider 1.3.5
Sphider Sphider 1.3.4
Sphider Sphider 1.3.2
Sphider Sphider
Sphider Sphider 1.3.3
2 EDB exploits
NA
CVE-2006-2506
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO and (2) the category parameter.
Sphider Sphider 1.3
Sphider Sphider 1.3 Rc1
Sphider Sphider 1.3 Rc2
Sphider Sphider 1.3b
NA
CVE-2006-1784
PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and previous versions, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the settings_dir parameter.
Sphider Sphider 1.3
Sphider Sphider 1.3 Rc1
Sphider Sphider 1.3 Rc2
1 EDB exploit
9.8
CVSSv3
CVE-2014-5081
sphider before 1.3.6, sphider-pro before 3.2, and sphider-plus before 3.2 allow authentication bypass
Sphider Sphider
Sphiderpro Sphider Pro
Sphider-plus Sphider-plus
1 EDB exploit
9.8
CVSSv3
CVE-2014-5087
A vulnerability exists in Sphider Search Engine before 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code.
Sphider Sphider
Sphider-plus Sphider-plus
Sphiderpro Sphider Pro
1 EDB exploit
8.8
CVSSv3
CVE-2014-5086
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only...
Sphider Sphider
Sphider-plus Sphider-plus
Sphiderpro Sphider Pro
1 EDB exploit
8.8
CVSSv3
CVE-2014-5083
A Command Execution vulnerability exists in Sphider prior to 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider.
Sphider Sphider
1 EDB exploit
NA
CVE-2006-7058
Multiple cross-site scripting (XSS) vulnerabilities in Sphider prior to 1.3.1c allow remote malicious users to inject arbitrary web script or HTML via the catid parameter to (1) templates/standard/search_form.html and (2) templates/dark/search_form.html. NOTE: the provenance of t...
Sphider Sphider
NA
CVE-2006-7057
SQL injection vulnerability in search.php in Sphider prior to 1.3.1c allows remote malicious users to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE...
Sphider Sphider
NA
CVE-2007-2411
PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote malicious users to execute arbitrary PHP code via a URL in the include_dir parameter. NOTE: a third party disputes this vulnerability, stating that "the application is not vulnerable to this ...
Sphider Sphider
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »