Aggregates CVE and security vulnerability intelligence across all mnogosearch-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise and vendor impact data exposure.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2011-5235 | SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link. | [email protected] | 7.5 | 0.41% | 2012-10-25 | 2026-04-29 |
| CVE-2007-5588 | Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist. | [email protected] | 4.3 | 0.35% | 2007-10-19 | 2026-04-23 |
| CVE-2004-1059 | Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms. | [email protected] | 4.3 | 0.55% | 2004-12-10 | 2026-04-16 |
| CVE-2004-0288 | Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document. | [email protected] | 10.0 | 5.17% | 2004-11-23 | 2026-04-16 |
| CVE-2003-0437 | Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter. | [email protected] | 7.5 | 5.43% | 2003-07-24 | 2026-04-16 |
| CVE-2003-0436 | Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter. | [email protected] | 7.5 | 12.75% | 2003-07-24 | 2026-04-16 |
| CVE-2002-0789 | Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter. | [email protected] | 7.5 | 4.10% | 2002-08-12 | 2026-04-16 |