Known Vulnerabilities for products from Sphider
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Sphider".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2014-5194 json | Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary... | Not Provided | 2014-08-07 | 2026-05-06 |
| CVE-2014-5193 json | Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to inject arbitrary web ... | Not Provided | 2014-08-07 | 2026-05-06 |
| CVE-2014-5192 json | SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute arbitrary SQL commands via... | Not Provided | 2014-08-07 | 2026-05-06 |
| CVE-2014-5087 json | A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a ... | 9.8 - CRITICAL | 2020-02-07 | 2021-08-16 |
| CVE-2014-5086 json | A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to c... | 8.8 - HIGH | 2020-02-10 | 2021-09-09 |
| CVE-2014-5083 json | A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, whic... | 8.8 - HIGH | 2020-02-10 | 2020-02-14 |
| CVE-2014-5082 json | Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and earlier, Sphider Pro, and Sphider-plus allow r... | Not Provided | 2014-08-06 | 2026-05-06 |
| CVE-2014-5081 json | sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass | 9.8 - CRITICAL | 2020-01-10 | 2021-08-16 |
| CVE-2008-5211 json | Cross-site scripting (XSS) vulnerability in search.php in Sphider 1.3.4, when the search suggestion feature is enabled, allow... | Not Provided | 2008-11-24 | 2026-04-23 |
| CVE-2007-2411 json | PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote attackers to execute arbitrary PHP code v... | Not Provided | 2007-05-01 | 2026-04-23 |
| CVE-2006-7058 json | Multiple cross-site scripting (XSS) vulnerabilities in Sphider before 1.3.1c allow remote attackers to inject arbitrary web s... | Not Provided | 2007-02-24 | 2026-04-23 |
| CVE-2006-7057 json | SQL injection vulnerability in search.php in Sphider before 1.3.1c allows remote attackers to execute arbitrary SQL commands ... | Not Provided | 2007-02-24 | 2026-04-23 |
| CVE-2006-2506 json | Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote attackers to inject arbitrary web s... | 6.8 - MEDIUM | 2006-05-22 | 2018-10-18 |
| CVE-2006-1784 json | PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when register_globals is disabled,... | Not Provided | 2006-04-13 | 2025-04-03 |
Known software with vulnerabilities from Sphider
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sphider | Sphider | 1.3.2 |