Sphiderpro Sphider Pro — known CVE vulnerabilities
Every CVE whose affected-product data names Sphiderpro Sphider Pro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2014-5081 — CVSS 9.8 (critical): sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass
CVE-2014-5087 — CVSS 9.8 (critical): A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote…
CVE-2014-5084 — CVSS 8.8 (high): A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious…
CVE-2014-5086 — CVSS 8.8 (high): A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which…