Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sphider sphider vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5211
Cross-site scripting (XSS) vulnerability in search.php in Sphider 1.3.4, when the search suggestion feature is enabled, allows remote malicious users to inject arbitrary web script or HTML via the query parameter, a different vector than CVE-2006-2506.
Sphider Sphider 1.3.4
1 EDB exploit
NA
CVE-2014-5192
SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote malicious users to execute arbitrary SQL commands via the filter parameter.
Sphider Sphider 1.3.6
1 EDB exploit
NA
CVE-2014-5193
Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote malicious users to inject arbitrary web script or HTML via the category parameter. NOTE: the url parameter vector is already covered by CVE-2014-5082.
Sphider Sphider 1.3.6
1 EDB exploit
NA
CVE-2014-5194
Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the _word_upper_bound parameter.
Sphider Sphider 1.3.6
1 EDB exploit
8.8
CVSSv3
CVE-2014-5085
A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider o...
Sphider-plus Sphider-plus 3.2
1 EDB exploit
8.8
CVSSv3
CVE-2014-5084
A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but do not exist in either Sphider or Sphider...
Sphiderpro Sphider Pro 3.2
1 EDB exploit
NA
CVE-2010-5044
SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. N...
Kanich Com Searchlog 3.1.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2