Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pro search pro search vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2014-5085
A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider o...
Sphider-plus Sphider-plus 3.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-6111
Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) productid parameter in product.asp or (2) search parameter in search.asp. NOTE: the category.asp vector is already covered by CVE-2004-187...
Alan Ward A-cart 2.0
1 EDB exploit
3.5
CVSSv2
CVE-2018-9122
In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the term parameter to the /search URI.
Crea8social Crea8social 2018.2
4.3
CVSSv2
CVE-2020-12054
The Catch Breadcrumb plugin prior to 1.5.4 for WordPress allows Reflected XSS via the s parameter (a search query). Also affected are 16 themes (if the plugin is enabled) by the same author: Alchemist and Alchemist PRO, Izabel and Izabel PRO, Chique and Chique PRO, Clean Enterpri...
Catchplugins Catch Breadcrumb
4.3
CVSSv2
CVE-2005-4252
Cross-site scripting (XSS) vulnerability in mcGallery PRO 2.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified search module parameters.
NA
CVE-2022-37329
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Quartus Prime
Intel Fpga Software Development Kit
NA
CVE-2022-41693
Uncontrolled search path in the Intel(R) Quartus(R) Prime Pro edition software before version 22.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Quartus Prime
NA
CVE-2024-21777
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
NA
CVE-2023-24016
Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for linux may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Quartus Prime
NA
CVE-2022-43474
Uncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Dsp Builder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »