CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Sphider: >> Sphider >> 1.3 Security Vulnerabilities

CVE-2006-2506

Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO and (2) the category parameter.

CVSS Score

6.8

EPSS Score

0.022

Published

2006-05-22

CVE-2006-1784

PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings_dir parameter.

CVSS Score

5.1

EPSS Score

0.072

Published

2006-04-13

Page 1

Vulnerabilities

Vulnerable Software

Sphider: >> Sphider >> 1.3 Security Vulnerabilities

Products

Pricing

Contact Us