Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
References
Link | Resource |
---|---|
http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.html | Patch Vendor Advisory |
http://www.mikx.de/index.php?p=6 | Patch Vendor Advisory |
http://www.mnogosearch.org/history.html | Patch Vendor Advisory |
http://www.securityfocus.com/bid/11895 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/18434 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2004-12-10 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2004-1059
Mitre link : CVE-2004-1059
CVE.ORG link : CVE-2004-1059
JSON object : View
Products Affected
mnogosearch
- mnogosearch
CWE