admin/index.php in Maian Weblog 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary weblog_cookie cookie.
Max CVSS
7.5
EPSS Score
7.25%
Published
2008-07-25
Updated
2017-10-19
PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, since the path_to_folder variable is initialized before use
Max CVSS
6.8
EPSS Score
3.28%
Published
2007-04-18
Updated
2024-04-11
2 vulnerabilities found