CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-2077
https://notcve.org/view.php?id=CVE-2007-2077
18 Apr 2007 — PHP remote file inclusion vulnerability in search.php in Maian Search 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, but confirmed by the vendor, stating "this issue was fixed last year and [no] is longer a problem." Vulnerabilidad de inclusión remota de archivo en PHP en search.php de Maian Search 1.1 permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro... • http://archives.neohapsis.com/archives/bugtraq/2007-04/0244.html •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-2078
https://notcve.org/view.php?id=CVE-2007-2078
18 Apr 2007 — PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, since the path_to_folder variable is initialized before use ** IMPUGNADA ** Vulnerabilidad de inclusión remota de archivo en PHP en index.php de Maian Weblog 3.1 permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro path_to_folder. NOTA: est... • http://archives.neohapsis.com/archives/bugtraq/2007-04/0244.html •
CVSS: 9.8EPSS: 14%CPEs: 1EXPL: 2CVE-2007-0848 – Maian Recipe 1.0 - 'path_to_folder' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-0848
08 Feb 2007 — PHP remote file inclusion vulnerability in classes/class_mail.inc.php in Maian Recipe 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. Vulnerabilidad PHP de inclusión remota de archivo en classes/class_mail.inc.php en Maian Recipe 1.0 permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en el parámetro path_to_folder. • https://www.exploit-db.com/exploits/3284 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1341
https://notcve.org/view.php?id=CVE-2006-1341
21 Mar 2006 — SQL injection vulnerability in events.php in Maian Events 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. • http://evuln.com/vulns/102/description.html •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 2CVE-2006-1334 – Maian Weblog 2.0 - 'mail.php' SQL Injection
https://notcve.org/view.php?id=CVE-2006-1334
21 Mar 2006 — Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php. • https://www.exploit-db.com/exploits/27478 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1259
https://notcve.org/view.php?id=CVE-2006-1259
19 Mar 2006 — Multiple SQL injection vulnerabilities in Maian Support 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) email or (2) pass parameter to admin/index.php. • http://evuln.com/vulns/103/summary.html •