Total vulnerabilities in the database
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO and (2) the category parameter.
| Software | From | Fixed in |
|---|---|---|
| sphider / sphider | 1.3b | 1.3b.x |
| sphider / sphider | 1.3 | 1.3.x |
| sphider / sphider | 1.3_rc1 | 1.3_rc1.x |
| sphider / sphider | 1.3_rc2 | 1.3_rc2.x |