Maian : Security Vulnerabilities, CVEs, CVSS score >= 4

CVE-2012-2405

Gallery 2 before 2.3.2 and 3 before 3.0.3 does not properly implement encryption, which has unspecified impact and attack vectors, a different vulnerability than CVE-2012-1113.
Max CVSS
10.0
EPSS Score
0.14%
Published
2012-04-22
Updated
2017-12-14

CVE-2012-1113

Multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.30%
Published
2012-04-22
Updated
2017-12-07

CVE-2008-3322

admin/index.php in Maian Recipe 1.2 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary recipe_cookie cookie.
Max CVSS
7.5
EPSS Score
3.66%
Published
2008-07-25
Updated
2017-10-19

CVE-2008-3320

admin/index.php in Maian Guestbook 3.2 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary gbook_cookie cookie.
Max CVSS
7.5
EPSS Score
1.86%
Published
2008-07-25
Updated
2017-10-19

CVE-2008-3319

admin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary links_cookie cookie.
Max CVSS
7.5
EPSS Score
6.70%
Published
2008-07-25
Updated
2017-10-19

CVE-2008-3318

admin/index.php in Maian Weblog 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary weblog_cookie cookie.
Max CVSS
7.5
EPSS Score
7.25%
Published
2008-07-25
Updated
2017-10-19

CVE-2007-2078

PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, since the path_to_folder variable is initialized before use
Max CVSS
6.8
EPSS Score
3.28%
Published
2007-04-18
Updated
2024-04-11

CVE-2007-2077

PHP remote file inclusion vulnerability in search.php in Maian Search 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, but confirmed by the vendor, stating "this issue was fixed last year and [no] is longer a problem."
Max CVSS
7.5
EPSS Score
1.53%
Published
2007-04-18
Updated
2018-10-16

CVE-2007-2076

PHP remote file inclusion vulnerability in index.php in Maian Gallery 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, but confirmed by the vendor, stating "this problem existed only briefly in v1.0."
Max CVSS
6.8
EPSS Score
2.36%
Published
2007-04-18
Updated
2018-10-16

CVE-2006-1259

Multiple SQL injection vulnerabilities in Maian Support 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) email or (2) pass parameter to admin/index.php.
Max CVSS
7.5
EPSS Score
0.75%
Published
2006-03-19
Updated
2018-10-18
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close