Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Searchblox Subscribe
Filtered by product Searchblox

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-3422 1 Searchblox 1 Searchblox 2018-10-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in SearchBlox before 8.2.1 allows remote attackers to inject arbitrary web script or HTML via the menu2 parameter to admin/main.jsp.
CVE-2015-0969 1 Searchblox 1 Searchblox 2015-04-20 5.0 MEDIUM N/A
SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the _cluster/health URI.
CVE-2015-0968 1 Searchblox 1 Searchblox 2015-04-20 7.5 HIGH N/A
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 8.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and the image/jpeg content type, a different vulnerability than CVE-2013-3590.
CVE-2015-0967 1 Searchblox 1 Searchblox 2015-04-20 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox before 8.2 allow remote attackers to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp.
CVE-2013-3590 1 Searchblox 1 Searchblox 2013-10-07 6.8 MEDIUM N/A
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.
CVE-2013-3598 1 Searchblox 1 Searchblox 2013-09-11 5.0 MEDIUM N/A
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.
CVE-2013-3597 1 Searchblox 1 Searchblox 2013-09-05 5.0 MEDIUM N/A
servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action.