Mnogosearch: >> Mnogosearch >> 3.2.19 Security Vulnerabilities
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
CVSS Score
7.5
EPSS Score
0.005
Published
2012-10-25
Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist.
CVSS Score
4.3
EPSS Score
0.003
Published
2007-10-19
Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
CVSS Score
4.3
EPSS Score
0.005
Published
2004-12-10