Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sphider sphider vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2014-5082
Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and previous versions, Sphider Pro, and Sphider-plus allow remote malicious users to execute arbitrary SQL commands via the (1) site_id or (2) url parameter.
Sphider Sphider 1.3.5
Sphider Sphider 1.3.4
Sphider Sphider 1.3.2
Sphider Sphider
Sphider Sphider 1.3.3
2 EDB exploits
605
VMScore
CVE-2006-2506
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO and (2) the category parameter.
Sphider Sphider 1.3
Sphider Sphider 1.3 Rc1
Sphider Sphider 1.3 Rc2
Sphider Sphider 1.3b
515
VMScore
CVE-2006-1784
PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and previous versions, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the settings_dir parameter.
Sphider Sphider 1.3
Sphider Sphider 1.3 Rc1
Sphider Sphider 1.3 Rc2
1 EDB exploit
755
VMScore
CVE-2014-5081
sphider before 1.3.6, sphider-pro before 3.2, and sphider-plus before 3.2 allow authentication bypass
Sphider Sphider
Sphiderpro Sphider Pro
Sphider-plus Sphider-plus
1 EDB exploit
655
VMScore
CVE-2014-5086
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only...
Sphider Sphider
Sphider-plus Sphider-plus
Sphiderpro Sphider Pro
1 EDB exploit
755
VMScore
CVE-2014-5087
A vulnerability exists in Sphider Search Engine before 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code.
Sphider Sphider
Sphider-plus Sphider-plus
Sphiderpro Sphider Pro
1 EDB exploit
383
VMScore
CVE-2006-7058
Multiple cross-site scripting (XSS) vulnerabilities in Sphider prior to 1.3.1c allow remote malicious users to inject arbitrary web script or HTML via the catid parameter to (1) templates/standard/search_form.html and (2) templates/dark/search_form.html. NOTE: the provenance of t...
Sphider Sphider
668
VMScore
CVE-2007-2411
PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote malicious users to execute arbitrary PHP code via a URL in the include_dir parameter. NOTE: a third party disputes this vulnerability, stating that "the application is not vulnerable to this ...
Sphider Sphider
655
VMScore
CVE-2014-5083
A Command Execution vulnerability exists in Sphider prior to 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider.
Sphider Sphider
1 EDB exploit
668
VMScore
CVE-2006-7057
SQL injection vulnerability in search.php in Sphider prior to 1.3.1c allows remote malicious users to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE...
Sphider Sphider
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »