CVSS: 9.8EPSS: 7%CPEs: 2EXPL: 2CVE-2008-3317 – Maian Search 1.1 - Insecure Cookie Handling
https://notcve.org/view.php?id=CVE-2008-3317
25 Jul 2008 — admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie. admin/index.php en Maian Search 1.1 y versiones anteriores, permite a atacantes remotos evitar la autenticación y conseguir acceso administrativo mediante en envío de una cookie search_cookie arbitraria. • https://www.exploit-db.com/exploits/6066 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-2077
https://notcve.org/view.php?id=CVE-2007-2077
18 Apr 2007 — PHP remote file inclusion vulnerability in search.php in Maian Search 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, but confirmed by the vendor, stating "this issue was fixed last year and [no] is longer a problem." Vulnerabilidad de inclusión remota de archivo en PHP en search.php de Maian Search 1.1 permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro... • http://archives.neohapsis.com/archives/bugtraq/2007-04/0244.html •