Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sphider sphider vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2014-5082
Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and previous versions, Sphider Pro, and Sphider-plus allow remote malicious users to execute arbitrary SQL commands via the (1) site_id or (2) url parameter.
Sphider Sphider 1.3.5Sphider Sphider 1.3.4Sphider Sphider 1.3.2Sphider SphiderSphider Sphider 1.3.3
NA
CVE-2006-2506
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO and (2) the category parameter.
Sphider Sphider 1.3Sphider Sphider 1.3 Rc1Sphider Sphider 1.3 Rc2Sphider Sphider 1.3b
NA
CVE-2006-1784
PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and previous versions, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the settings_dir parameter.
Sphider Sphider 1.3Sphider Sphider 1.3 Rc1Sphider Sphider 1.3 Rc2
9.8
CVSSv3
CVE-2014-5081
sphider before 1.3.6, sphider-pro before 3.2, and sphider-plus before 3.2 allow authentication bypass
Sphider SphiderSphiderpro Sphider ProSphider-plus Sphider-plus
9.8
CVSSv3
CVE-2014-5087
A vulnerability exists in Sphider Search Engine before 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code.
Sphider SphiderSphider-plus Sphider-plusSphiderpro Sphider Pro
8.8
CVSSv3
CVE-2014-5086
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only...
Sphider SphiderSphider-plus Sphider-plusSphiderpro Sphider Pro
8.8
CVSSv3
CVE-2014-5083
A Command Execution vulnerability exists in Sphider prior to 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider.
Sphider Sphider
NA
CVE-2006-7058
Multiple cross-site scripting (XSS) vulnerabilities in Sphider prior to 1.3.1c allow remote malicious users to inject arbitrary web script or HTML via the catid parameter to (1) templates/standard/search_form.html and (2) templates/dark/search_form.html. NOTE: the provenance of t...
Sphider Sphider
NA
CVE-2006-7057
SQL injection vulnerability in search.php in Sphider prior to 1.3.1c allows remote malicious users to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE...
Sphider Sphider
NA
CVE-2007-2411
PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote malicious users to execute arbitrary PHP code via a URL in the include_dir parameter. NOTE: a third party disputes this vulnerability, stating that "the application is not vulnerable to this ...
Sphider Sphider
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook