Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
searchblox searchblox vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-3597
servlet/CollectionListServlet in SearchBlox prior to 7.5 build 1 allows remote malicious users to read usernames and passwords via a getList action.
Searchblox Searchblox 7.1
Searchblox Searchblox 7.2
Searchblox Searchblox 7.3
Searchblox Searchblox 7.4
Searchblox Searchblox 6.2
Searchblox Searchblox 6.4
Searchblox Searchblox 7.0
Searchblox Searchblox
Searchblox Searchblox 6.3
1 EDB exploit
6.8
CVSSv2
CVE-2013-3590
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox prior to 7.5 build 1 allows remote malicious users to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as d...
Searchblox Searchblox 7.1
Searchblox Searchblox 7.0
Searchblox Searchblox 6.4
Searchblox Searchblox 6.3
Searchblox Searchblox 7.4
Searchblox Searchblox 7.2
Searchblox Searchblox
Searchblox Searchblox 7.3
Searchblox Searchblox 6.2
5
CVSSv2
CVE-2013-3598
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox prior to 7.5 build 1 allows remote malicious users to overwrite arbitrary files via a .. (dot dot) in the name parameter.
Searchblox Searchblox 6.4
Searchblox Searchblox 7.2
Searchblox Searchblox 7.3
Searchblox Searchblox 7.0
Searchblox Searchblox 7.1
Searchblox Searchblox 6.2
Searchblox Searchblox 6.3
Searchblox Searchblox 7.4
Searchblox Searchblox
4.3
CVSSv2
CVE-2015-0967
Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox prior to 8.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp.
Searchblox Searchblox
5
CVSSv2
CVE-2015-0969
SearchBlox prior to 8.2 allows remote malicious users to obtain sensitive information via a pretty=true action to the _cluster/health URI.
Searchblox Searchblox
5
CVSSv2
CVE-2020-35580
A local file inclusion vulnerability in the FileServlet in all SearchBlox prior to 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the conte...
Searchblox Searchblox
4.3
CVSSv2
CVE-2015-3422
Cross-site scripting (XSS) vulnerability in SearchBlox prior to 8.2.1 allows remote malicious users to inject arbitrary web script or HTML via the menu2 parameter to admin/main.jsp.
Searchblox Searchblox
7.5
CVSSv2
CVE-2015-0968
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox prior to 8.2 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension and the image/jpeg content type, a different vulnerability than CVE-2013-3590.
Searchblox Searchblox
6.8
CVSSv2
CVE-2015-0970
Cross-site request forgery (CSRF) vulnerability in SearchBlox prior to 8.2 allows remote malicious users to hijack the authentication of arbitrary users.
Searchblox Searchblox
NA
CVE-2020-10129
SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to access Admin functionality.
Searchblox Searchblox
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »