Benbusby Whoogle Search — known CVE vulnerabilities
Every CVE whose affected-product data names Benbusby Whoogle Search, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-22203 — CVSS 9.1 (critical): Whoogle Search is a self-hosted metasearch engine. In versions prior to 0.8.4, the `element` method in `app/routes.py` does not validate…
CVE-2024-22205 — CVSS 9.1 (critical): Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `window` endpoint does not sanitize user-supplied input…
CVE-2024-53305 — CVSS 7.3 (high): An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted…
CVE-2024-22417 — CVSS 6.1 (medium): Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `element` method in `app/routes.py` does not validate…
CVE-2024-22204 — CVSS 5.3 (medium): Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the configuration…