Vulmon
searchblox vulnerabilities and exploits
5
CVSSv2
CVE-2013-3597
servlet/CollectionListServlet in SearchBlox prior to 7.5 build 1 allows remote malicious users to read usernames and passwords via a getList action.
Searchblox Searchblox 7.1
Searchblox Searchblox 7.2
Searchblox Searchblox 7.3
Searchblox Searchblox 7.4
Searchblox Searchblox 6.2
Searchblox Searchblox 6.4
Searchblox Searchblox 7.0
Searchblox Searchblox
Searchblox Searchblox 6.3
1 EDB exploit
6.8
CVSSv2
CVE-2013-3590
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox prior to 7.5 build 1 allows remote malicious users to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as d...
Searchblox Searchblox 7.1
Searchblox Searchblox 7.0
Searchblox Searchblox 6.4
Searchblox Searchblox 6.3
Searchblox Searchblox 7.4
Searchblox Searchblox 7.2
Searchblox Searchblox
Searchblox Searchblox 7.3
Searchblox Searchblox 6.2
5
CVSSv2
CVE-2013-3598
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox prior to 7.5 build 1 allows remote malicious users to overwrite arbitrary files via a .. (dot dot) in the name parameter.
Searchblox Searchblox 6.4
Searchblox Searchblox 7.2
Searchblox Searchblox 7.3
Searchblox Searchblox 7.0
Searchblox Searchblox 7.1
Searchblox Searchblox 6.2
Searchblox Searchblox 6.3
Searchblox Searchblox 7.4
Searchblox Searchblox
NA
CVE-2020-10129
SearchBlox before Version 9.2.1 is vulnerable to privilege escalation: a lower-privileged user is able to access Admin functionality.
Searchblox Searchblox
1 Github repository
NA
CVE-2020-10131
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter.
Searchblox Searchblox
1 Github repository
7.5
CVSSv2
CVE-2015-0968
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox prior to 8.2 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension and the image/jpeg content type, a different vulnerability than CVE-2013-3590.
Searchblox Searchblox
5
CVSSv2
CVE-2015-0969
SearchBlox prior to 8.2 allows remote malicious users to obtain sensitive information via a pretty=true action to the _cluster/health URI.
Searchblox Searchblox
4.3
CVSSv2
CVE-2015-0967
Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox prior to 8.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp.
Searchblox Searchblox
6.8
CVSSv2
CVE-2015-0970
Cross-site request forgery (CSRF) vulnerability in SearchBlox prior to 8.2 allows remote malicious users to hijack the authentication of arbitrary users.
Searchblox Searchblox
NA
CVE-2020-10128
SearchBlox versions prior to 9.2.1 are vulnerable to stored cross-site scripting in multiple user input parameters. In SearchBlox products, multiple parameters are not properly sanitized or validated, which allows a malicious user to inject malicious JavaScript.
Searchblox Searchblox
1 Github repository