Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
searchblox vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3590
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox prior to 7.5 build 1 allows remote malicious users to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as d...
Searchblox Searchblox 7.1
Searchblox Searchblox 7.0
Searchblox Searchblox 6.4
Searchblox Searchblox 6.3
Searchblox Searchblox 7.4
Searchblox Searchblox 7.2
Searchblox Searchblox
Searchblox Searchblox 7.3
Searchblox Searchblox 6.2
NA
CVE-2013-3598
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox prior to 7.5 build 1 allows remote malicious users to overwrite arbitrary files via a .. (dot dot) in the name parameter.
Searchblox Searchblox 6.4
Searchblox Searchblox 7.2
Searchblox Searchblox 7.3
Searchblox Searchblox 7.0
Searchblox Searchblox 7.1
Searchblox Searchblox 6.2
Searchblox Searchblox 6.3
Searchblox Searchblox 7.4
Searchblox Searchblox
NA
CVE-2013-3597
servlet/CollectionListServlet in SearchBlox prior to 7.5 build 1 allows remote malicious users to read usernames and passwords via a getList action.
Searchblox Searchblox 7.1
Searchblox Searchblox 7.2
Searchblox Searchblox 7.3
Searchblox Searchblox 7.4
Searchblox Searchblox 6.2
Searchblox Searchblox 6.4
Searchblox Searchblox 7.0
Searchblox Searchblox
Searchblox Searchblox 6.3
1 EDB exploit
8.8
CVSSv3
CVE-2020-10129
SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to access Admin functionality.
Searchblox Searchblox
1 Github repository
8.8
CVSSv3
CVE-2020-10130
SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system.
Searchblox Searchblox
1 Github repository
9.8
CVSSv3
CVE-2020-10131
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter.
Searchblox Searchblox
1 Github repository
6.1
CVSSv3
CVE-2020-10132
SearchBlox before Version 9.1 is vulnerable to cross-origin resource sharing misconfiguration.
Searchblox Searchblox
1 Github repository
7.5
CVSSv3
CVE-2020-35580
A local file inclusion vulnerability in the FileServlet in all SearchBlox prior to 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the conte...
Searchblox Searchblox
NA
CVE-2015-0967
Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox prior to 8.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp.
Searchblox Searchblox
NA
CVE-2015-0969
SearchBlox prior to 8.2 allows remote malicious users to obtain sensitive information via a pretty=true action to the _cluster/health URI.
Searchblox Searchblox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »