Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solr vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-6397
Directory traversal vulnerability in SolrResourceLoader in Apache Solr prior to 4.6 allows remote malicious users to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this ca...
Apache Solr 4.5.0
Apache Solr 4.0.0
Apache Solr
Apache Solr 4.2.1
Apache Solr 4.3.0
Apache Solr 4.4.0
Apache Solr 4.2.0
Apache Solr 4.3.1
Apache Solr 4.1.0
1 Github repository
571
VMScore
CVE-2013-6407
The UpdateRequestHandler for XML in Apache Solr prior to 4.1 allows remote malicious users to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Apache Solr 3.6.1
Apache Solr 3.6.0
Apache Solr 4.0.0
Apache Solr 3.6.2
Apache Solr
571
VMScore
CVE-2013-6408
The DocumentAnalysisRequestHandler in Apache Solr prior to 4.3.1 does not properly use the EmptyEntityResolver, which allows remote malicious users to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, relate...
Apache Solr 4.0.0
Apache Solr 3.6.1
Apache Solr 4.2.1
Apache Solr 3.6.0
Apache Solr 4.2.0
Apache Solr 3.6.2
Apache Solr 4.1.0
Apache Solr
383
VMScore
CVE-2013-6289
Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension prior to 2.8.3 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ingo Renner Apache Solr 2.8.1
Ingo Renner Apache Solr 2.8.0
Ingo Renner Apache Solr 1.0
Ingo Renner Apache Solr 2.2.0
Ingo Renner Apache Solr 2.1.0
Ingo Renner Apache Solr 2.2.2
Ingo Renner Apache Solr 2.2.1
Ingo Renner Apache Solr
Ingo Renner Apache Solr 1.3.1
Ingo Renner Apache Solr 1.3.0
890
VMScore
CVE-2013-6288
Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension prior to 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."
Ingo Renner Apache Solr 2.1.0
Ingo Renner Apache Solr 1.3.1
Ingo Renner Apache Solr 2.8.0
Ingo Renner Apache Solr 2.2.2
Ingo Renner Apache Solr
Ingo Renner Apache Solr 2.8.1
Ingo Renner Apache Solr 1.3.0
Ingo Renner Apache Solr 1.0
Ingo Renner Apache Solr 2.2.1
Ingo Renner Apache Solr 2.2.0
383
VMScore
CVE-2012-6573
Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x prior to 6.x-1.4 and 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to inject arbitrary web script or HTML via vectors involving autocomplete results.
Alejandro Garza Apachesolr Autocomplete 6.x-1.3
Alejandro Garza Apachesolr Autocomplete 6.x-1.x
Alejandro Garza Apachesolr Autocomplete 7.x-1.x
Alejandro Garza Apachesolr Autocomplete 6.x-1.0
Alejandro Garza Apachesolr Autocomplete 6.x-1.1
Alejandro Garza Apachesolr Autocomplete 6.x-1.2
Alejandro Garza Apachesolr Autocomplete 7.x-1.0
Alejandro Garza Apachesolr Autocomplete 7.x-1.1
Alejandro Garza Apachesolr Autocomplete 7.x-1.2
445
VMScore
CVE-2010-0185
The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the Solr Service, which allows remote malicious users to obtain collection metadata, search information, and index data via a request to an unspecified URL.
Adobe Coldfusion 9.0
383
VMScore
CVE-2009-3821
Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Apache Solr 1.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7