Vulnerability Details CVE-2004-1059
Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.html
- http://www.mikx.de/index.php?p=6
- http://www.mnogosearch.org/history.html
- http://www.securityfocus.com/bid/11895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18434
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.html
- http://www.mikx.de/index.php?p=6
- http://www.mnogosearch.org/history.html
- http://www.securityfocus.com/bid/11895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18434
Products affected by CVE-2004-1059
-
cpe:2.3:a:mnogosearch:mnogosearch:3.1.19
-
cpe:2.3:a:mnogosearch:mnogosearch:3.1.20
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.10
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.13
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.14
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.15
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.16
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.17
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.18
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.19
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.20
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.21
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.22
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.23
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.24
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.25
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.26