CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2203
https://notcve.org/view.php?id=CVE-2008-2203
14 May 2008 — SQL injection vulnerability in search.php in Maian Search 1.1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search action. Vulnerabilidad de inyección SQL en search.php de Maian Search 1.1 permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro keywords en una acción search. • http://securityreason.com/securityalert/3883 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 4CVE-2008-2202 – Maian Uploader 4.0 - 'header.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-2202
14 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action. Múltiples vulnerabilidades de Secuencias de comandos en sitios cruzados (XSS) en Maian Uploader 4.0 permiten a atacantes remotos inyectar secuencias de comando... • https://www.exploit-db.com/exploits/31743 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2200
https://notcve.org/view.php?id=CVE-2008-2200
14 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to admin/index.php in a blogs search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Maian Weblog 4.0 permiten a atacantes remotos inyectar secuencias de comandos web... • http://secunia.com/advisories/30060 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2211
https://notcve.org/view.php?id=CVE-2008-2211
14 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Guestbook 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en admin/inc/footer.php de Maian Guestbook 3.2 permite a atacantes remotos inyectar web script o HTML de su elección a través de los parámetros (1) msg_script2 y (2) msg_script3. • http://secunia.com/advisories/30071 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2207
https://notcve.org/view.php?id=CVE-2008-2207
14 May 2008 — Cross-site scripting (XSS) vulnerability in admin/index.php in Maian Gallery 2.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en admin/index.php de Maian Gallery 2.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante el parámetro keywords en una acción search. • http://secunia.com/advisories/30070 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2206
https://notcve.org/view.php?id=CVE-2008-2206
14 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in Maian Music 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter in a search action to index.php, and the (2) msg_script parameter to admin/inc/footer.php. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados en Maian Music 1.1 permiten a atacantes remotos inyectar secuencias de comandos Web o HTML de su elección a través de (1) el parámetro keywords en una acción de búsqueda en index.php, y ... • http://secunia.com/advisories/30066 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2209
https://notcve.org/view.php?id=CVE-2008-2209
14 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Greeting 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script and (2) msg_script2 parameters. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en admin/inc/header.php de Maian Greeting 2.1 permiten a atacantes remotos inyectar secuencias de comandos web o HTML mediante los parámetros 1) msg_script y (2) msg_script2. • http://secunia.com/advisories/30069 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2201
https://notcve.org/view.php?id=CVE-2008-2201
14 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Recipe 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) header, (2) header2, (3) header3, (4) header4, (5) header5, (6) header6, (7) header7, (8) header8, and (9) header9 parameters. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados en admin/inc/header.php en Maian Recipe 1.2 permiten a atacantes remotos inyectar inyectar secuencias de comandos Web o HTML de su elección a tr... • http://secunia.com/advisories/30067 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2210
https://notcve.org/view.php?id=CVE-2008-2210
14 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in Maian Support 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script, (2) msg_script2, and (3) msg_script3 parameters to admin/inc/footer.php; and the (4) msg_script2 parameter to admin/inc/header.php. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Maian Support 1.3; permiten a atacantes remotos inyectar secuencias de comandos Web o HTML de su elección a través de los parámetros (1) msg... • http://secunia.com/advisories/30068 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-2212
https://notcve.org/view.php?id=CVE-2008-2212
14 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in Maian Cart 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_adminheader, (2) msg_adminheader2, (3) msg_adminheader3, (4) msg_adminheader4, and unspecified other parameters to admin/inc/header.php; the (5) msg_script3 and unspecified other parameters to admin/inc/footer.php; and the (6) keywords parameter to index.php in a search action. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Maia... • http://securityreason.com/securityalert/3891 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •