Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by Unicode version of msearch
JVNDB-2005-000758
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
msearch directory traversal vulnerability
Details
msearch, a full-text search engine for web sites, contains a directory traversal vulnerability when used on Windows and Linux servers.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000758.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "msearch, a full-text search engine for web sites, contains a directory traversal vulnerability when used on Windows and Linux servers.",
"link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000758.html",
"sec:cpe": [
{
"#text": "cpe:/a:misc:kiteya_msearch",
"@product": "msearch",
"@vendor": "kiteya.net",
"@version": "2.2"
},
{
"#text": "cpe:/a:msearch:unicode_msearch",
"@product": "Unicode msearch",
"@vendor": "Unicode version of msearch",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2005-000758",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN8BAAAB4E/index.html",
"@id": "JVN#8BAAAB4E",
"@source": "JVN"
},
"title": "msearch directory traversal vulnerability"
}
JVNDB-2005-000791
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Cross-site scripting vulnerability in the Unicode version of msearch
Details
The Unicode version of msearch, a full text search engine for websites, contains a cross-site scripting vulnerability. This problem is caused by a function added to the Unicode version of msearch.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000791.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "The Unicode version of msearch, a full text search engine for websites, contains a cross-site scripting vulnerability. This problem is caused by a function added to the Unicode version of msearch.",
"link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000791.html",
"sec:cpe": {
"#text": "cpe:/a:msearch:unicode_msearch",
"@product": "Unicode msearch",
"@vendor": "Unicode version of msearch",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2005-000791",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN79925E6F/index.html",
"@id": "JVN#79925E6F",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2339",
"@id": "CVE-2005-2339",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-2339",
"@id": "CVE-2005-2339",
"@source": "NVD"
}
],
"title": "Cross-site scripting vulnerability in the Unicode version of msearch"
}