Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solr vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6397
Directory traversal vulnerability in SolrResourceLoader in Apache Solr prior to 4.6 allows remote malicious users to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this ca...
Apache Solr 4.5.0
Apache Solr 4.0.0
Apache Solr
Apache Solr 4.2.1
Apache Solr 4.3.0
Apache Solr 4.4.0
Apache Solr 4.2.0
Apache Solr 4.3.1
Apache Solr 4.1.0
1 Github repository
NA
CVE-2013-6407
The UpdateRequestHandler for XML in Apache Solr prior to 4.1 allows remote malicious users to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Apache Solr 3.6.1
Apache Solr 3.6.0
Apache Solr 4.0.0
Apache Solr 3.6.2
Apache Solr
NA
CVE-2013-6408
The DocumentAnalysisRequestHandler in Apache Solr prior to 4.3.1 does not properly use the EmptyEntityResolver, which allows remote malicious users to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, relate...
Apache Solr 4.0.0
Apache Solr 3.6.1
Apache Solr 4.2.1
Apache Solr 3.6.0
Apache Solr 4.2.0
Apache Solr 3.6.2
Apache Solr 4.1.0
Apache Solr
NA
CVE-2013-6288
Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension prior to 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."
Ingo Renner Apache Solr 2.1.0
Ingo Renner Apache Solr 1.3.1
Ingo Renner Apache Solr 2.8.0
Ingo Renner Apache Solr 2.2.2
Ingo Renner Apache Solr
Ingo Renner Apache Solr 2.8.1
Ingo Renner Apache Solr 1.3.0
Ingo Renner Apache Solr 1.0
Ingo Renner Apache Solr 2.2.1
Ingo Renner Apache Solr 2.2.0
NA
CVE-2013-6289
Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension prior to 2.8.3 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ingo Renner Apache Solr 2.8.1
Ingo Renner Apache Solr 2.8.0
Ingo Renner Apache Solr 1.0
Ingo Renner Apache Solr 2.2.0
Ingo Renner Apache Solr 2.1.0
Ingo Renner Apache Solr 2.2.2
Ingo Renner Apache Solr 2.2.1
Ingo Renner Apache Solr
Ingo Renner Apache Solr 1.3.1
Ingo Renner Apache Solr 1.3.0
NA
CVE-2012-6573
Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x prior to 6.x-1.4 and 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to inject arbitrary web script or HTML via vectors involving autocomplete results.
Alejandro Garza Apachesolr Autocomplete 6.x-1.3
Alejandro Garza Apachesolr Autocomplete 6.x-1.x
Alejandro Garza Apachesolr Autocomplete 7.x-1.x
Alejandro Garza Apachesolr Autocomplete 6.x-1.0
Alejandro Garza Apachesolr Autocomplete 6.x-1.1
Alejandro Garza Apachesolr Autocomplete 6.x-1.2
Alejandro Garza Apachesolr Autocomplete 7.x-1.0
Alejandro Garza Apachesolr Autocomplete 7.x-1.1
Alejandro Garza Apachesolr Autocomplete 7.x-1.2
NA
CVE-2010-0185
The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the Solr Service, which allows remote malicious users to obtain collection metadata, search information, and index data via a request to an unspecified URL.
Adobe Coldfusion 9.0
NA
CVE-2009-3821
Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Apache Solr 1.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7