Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sphider_pro
(Sphiderpro)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-10 | CVE-2014-5086 | A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider. | Sphider, Sphider\-Plus, Sphider_pro | 8.8 | ||
| 2020-02-07 | CVE-2014-5087 | A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code. | Sphider, Sphider\-Plus, Sphider_pro | 9.8 | ||
| 2020-01-10 | CVE-2014-5081 | sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass | Sphider, Sphider\-Plus, Sphider_pro | 9.8 | ||
| 2020-02-10 | CVE-2014-5084 | A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but do not exist in either Sphider or Sphider Plus. | Sphider_pro | 8.8 |