Product
benbusby whoogle search
6 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-53305
CVE-2024-22417
CVE-2024-22205
CVE-2024-22204
CVE-2024-22203
CVE-2022-25303
all versions
An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a cr
< 0.8.4
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the
element method in app/routes.py does not v< 0.8.4
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the
window endpoint does not sanitize user-suppl< 0.8.4
Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the confi
< 0.8.4
Whoogle Search is a self-hosted metasearch engine. In versions prior to 0.8.4, the
element method in app/routes.py does not va< 0.7.2
The package whoogle-search before 0.7.2 are vulnerable to Cross-site Scripting (XSS) via the query string parameter q. In the case