CVE-2004-1059

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/12/2004
Last modified:
03/04/2025

Description

Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mnogosearch:mnogosearch:3.1.19:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.1.20:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.13:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.14:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.15:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.16:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.17:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.18:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.19:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.20:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.21:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.22:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.23:*:*:*:*:*:*:*
cpe:2.3:a:mnogosearch:mnogosearch:3.2.24:*:*:*:*:*:*:*