Vulnerability Details CVE-2007-5588
Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/37929
- http://secunia.com/advisories/27263
- http://www.mnogosearch.org/doc/msearch-changelog.html
- http://www.securityfocus.com/bid/26114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37269
- http://osvdb.org/37929
- http://secunia.com/advisories/27263
- http://www.mnogosearch.org/doc/msearch-changelog.html
- http://www.securityfocus.com/bid/26114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37269
Products affected by CVE-2007-5588
-
cpe:2.3:a:mnogosearch:mnogosearch:3.1.19
-
cpe:2.3:a:mnogosearch:mnogosearch:3.1.20
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.10
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.13
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.14
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.15
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.16
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.17
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.18
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.19
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.20
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.21
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.22
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.23
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.24
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.25
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.26
-
cpe:2.3:a:mnogosearch:mnogosearch:3.2.42