Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
searchblox vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3590
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox prior to 7.5 build 1 allows remote malicious users to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as d...
Searchblox Searchblox 7.1
Searchblox Searchblox 7.0
Searchblox Searchblox 6.4
Searchblox Searchblox 6.3
Searchblox Searchblox 7.4
Searchblox Searchblox 7.2
Searchblox Searchblox
Searchblox Searchblox 7.3
Searchblox Searchblox 6.2
NA
CVE-2013-3598
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox prior to 7.5 build 1 allows remote malicious users to overwrite arbitrary files via a .. (dot dot) in the name parameter.
Searchblox Searchblox 6.4
Searchblox Searchblox 7.2
Searchblox Searchblox 7.3
Searchblox Searchblox 7.0
Searchblox Searchblox 7.1
Searchblox Searchblox 6.2
Searchblox Searchblox 6.3
Searchblox Searchblox 7.4
Searchblox Searchblox
NA
CVE-2013-3597
servlet/CollectionListServlet in SearchBlox prior to 7.5 build 1 allows remote malicious users to read usernames and passwords via a getList action.
Searchblox Searchblox 7.1
Searchblox Searchblox 7.2
Searchblox Searchblox 7.3
Searchblox Searchblox 7.4
Searchblox Searchblox 6.2
Searchblox Searchblox 6.4
Searchblox Searchblox 7.0
Searchblox Searchblox
Searchblox Searchblox 6.3
1 EDB exploit
8.8
CVSSv3
CVE-2020-10129
SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to access Admin functionality.
Searchblox Searchblox
1 Github repository
8.8
CVSSv3
CVE-2020-10130
SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system.
Searchblox Searchblox
1 Github repository
9.8
CVSSv3
CVE-2020-10131
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter.
Searchblox Searchblox
1 Github repository
6.1
CVSSv3
CVE-2020-10132
SearchBlox before Version 9.1 is vulnerable to cross-origin resource sharing misconfiguration.
Searchblox Searchblox
1 Github repository
7.5
CVSSv3
CVE-2020-35580
A local file inclusion vulnerability in the FileServlet in all SearchBlox prior to 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the conte...
Searchblox Searchblox
NA
CVE-2015-0967
Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox prior to 8.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp.
Searchblox Searchblox
NA
CVE-2015-0969
SearchBlox prior to 8.2 allows remote malicious users to obtain sensitive information via a pretty=true action to the _cluster/health URI.
Searchblox Searchblox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »