Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sphider sphider vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-5082
Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and previous versions, Sphider Pro, and Sphider-plus allow remote malicious users to execute arbitrary SQL commands via the (1) site_id or (2) url parameter.
Sphider Sphider
Sphider Sphider 1.3.2
Sphider Sphider 1.3.3
Sphider Sphider 1.3.4
Sphider Sphider 1.3.5
2 EDB exploits
6.8
CVSSv2
CVE-2006-2506
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO and (2) the category parameter.
Sphider Sphider 1.3
Sphider Sphider 1.3 Rc1
Sphider Sphider 1.3 Rc2
Sphider Sphider 1.3b
5.1
CVSSv2
CVE-2006-1784
PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and previous versions, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the settings_dir parameter.
Sphider Sphider 1.3
Sphider Sphider 1.3 Rc1
Sphider Sphider 1.3 Rc2
1 EDB exploit
9.8
CVSSv3
CVE-2014-5081
sphider before 1.3.6, sphider-pro before 3.2, and sphider-plus before 3.2 allow authentication bypass
Sphider Sphider
Sphiderpro Sphider Pro
Sphider-plus Sphider-plus
1 EDB exploit
8.8
CVSSv3
CVE-2014-5086
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only...
Sphider Sphider
Sphider-plus Sphider-plus
Sphiderpro Sphider Pro
1 EDB exploit
9.8
CVSSv3
CVE-2014-5087
A vulnerability exists in Sphider Search Engine before 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code.
Sphider Sphider
Sphider-plus Sphider-plus
Sphiderpro Sphider Pro
1 EDB exploit
7.5
CVSSv2
CVE-2006-7057
SQL injection vulnerability in search.php in Sphider prior to 1.3.1c allows remote malicious users to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE...
Sphider Sphider
7.5
CVSSv2
CVE-2007-2411
PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote malicious users to execute arbitrary PHP code via a URL in the include_dir parameter. NOTE: a third party disputes this vulnerability, stating that "the application is not vulnerable to this ...
Sphider Sphider
4.3
CVSSv2
CVE-2006-7058
Multiple cross-site scripting (XSS) vulnerabilities in Sphider prior to 1.3.1c allow remote malicious users to inject arbitrary web script or HTML via the catid parameter to (1) templates/standard/search_form.html and (2) templates/dark/search_form.html. NOTE: the provenance of t...
Sphider Sphider
8.8
CVSSv3
CVE-2014-5083
A Command Execution vulnerability exists in Sphider prior to 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider.
Sphider Sphider
1 EDB exploit
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
apache atlas
wp html page sitemap
inject
everest forms
CVE-2025-25356
CVE-2024-47264
cross-site scripting
CVE-2025-0837
CVE-2025-25286
*
CVE-2024-12754
arbitrary code
CVE-2025-24472
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »