CVE-2003-0436

mnogosearch 3.1.20 - Remote Code Execution via Long ul Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2003-0436. PoCs published by inv, pokleyzz.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in mnoGoSearch's 'search.cgi' by sending a crafted HTTP GET request with a long URI parameter containing NOP sleds, shellcode, and a return address. The shellcode binds a shell to port 10000, allowing remote code execution.

Description

Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by inv · perlremotecgi

https://www.exploit-db.com/exploits/22754

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in mnoGoSearch's 'search.cgi' by sending a crafted HTTP GET request with a long URI parameter containing NOP sleds, shellcode, and a return address. The shellcode binds a shell to port 10000, allowing remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: mnoGoSearch search.cgi (version not specified)

No auth needed

Prerequisites: Network access to the target web server · Vulnerable version of mnoGoSearch with 'search.cgi' exposed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by pokleyzz · perlremotecgi

https://www.exploit-db.com/exploits/22753

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in mnoGoSearch's search.cgi (CVE-2003-0436) by sending a crafted HTTP GET request with an overly long 'ul' parameter. It includes shellcode to execute arbitrary commands on the target system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: mnoGoSearch 3.1.x

No auth needed

Prerequisites: Target must be running mnoGoSearch 3.1.x with search.cgi accessible · Network access to the target web server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005543.html

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/7865

Scores

EPSS 0.0969

EPSS Percentile 94.9%

Details

Status published

Products (1)

mnogosearch/mnogosearch 3.1.20

Published Jul 24, 2003

Tracked Since Feb 18, 2026