Search

Find a vulnerability

Search criteria

    8 vulnerabilities by maian_script_world

    CVE-2014-10003 (GCVE-0-2014-10003)

    Vulnerability from nvd – Published: 2015-01-13 11:00 – Updated: 2024-08-06 14:02
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the width parameter to (1) uploader/admin/js/load_flv.js.php or (2) uploader/js/load_flv.js.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/102489 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://packetstormsecurity.com/files/124918 x_refsource_MISC
    Date Public
    2014-01-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:02:37.930Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/102489"
              },
              {
                "name": "maian-uploader-loadflv-xss(90716)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90716"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/124918"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-01-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the width parameter to (1) uploader/admin/js/load_flv.js.php or (2) uploader/js/load_flv.js.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-07T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "102489",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/102489"
            },
            {
              "name": "maian-uploader-loadflv-xss(90716)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90716"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/124918"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-10003",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the width parameter to (1) uploader/admin/js/load_flv.js.php or (2) uploader/js/load_flv.js.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102489",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/102489"
                },
                {
                  "name": "maian-uploader-loadflv-xss(90716)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90716"
                },
                {
                  "name": "http://packetstormsecurity.com/files/124918",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/124918"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-10003",
        "datePublished": "2015-01-13T11:00:00.000Z",
        "dateReserved": "2015-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-06T14:02:37.930Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3321 (GCVE-0-2008-3321)

    Vulnerability from nvd – Published: 2008-07-25 16:00 – Updated: 2024-08-07 09:37
    VLAI
    Summary
    admin/index.php in Maian Uploader 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary uploader_cookie cookie.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/31045 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/30210 vdb-entryx_refsource_BID
    http://www.maianscriptworld.co.uk/news.html x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/6065 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.maianscriptworld.co.uk/free-php-script… x_refsource_CONFIRM
    Date Public
    2008-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:37:25.935Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "31045",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31045"
              },
              {
                "name": "30210",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30210"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.maianscriptworld.co.uk/news.html"
              },
              {
                "name": "6065",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6065"
              },
              {
                "name": "maianuploader-index-security-bypass(43752)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43752"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-uploader/development/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "admin/index.php in Maian Uploader 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary uploader_cookie cookie."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "31045",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31045"
            },
            {
              "name": "30210",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30210"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.maianscriptworld.co.uk/news.html"
            },
            {
              "name": "6065",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6065"
            },
            {
              "name": "maianuploader-index-security-bypass(43752)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43752"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-uploader/development/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3321",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "admin/index.php in Maian Uploader 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary uploader_cookie cookie."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "31045",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/31045"
                },
                {
                  "name": "30210",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30210"
                },
                {
                  "name": "http://www.maianscriptworld.co.uk/news.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.maianscriptworld.co.uk/news.html"
                },
                {
                  "name": "6065",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6065"
                },
                {
                  "name": "maianuploader-index-security-bypass(43752)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43752"
                },
                {
                  "name": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-uploader/development/index.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-uploader/development/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3321",
        "datePublished": "2008-07-25T16:00:00.000Z",
        "dateReserved": "2008-07-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:37:25.935Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3317 (GCVE-0-2008-3317)

    Vulnerability from nvd – Published: 2008-07-25 16:00 – Updated: 2024-08-07 09:37
    VLAI
    Summary
    admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.maianscriptworld.co.uk/news.html x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/6066 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/31075 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/4042 third-party-advisoryx_refsource_SREASON
    http://www.maianscriptworld.co.uk/free-php-script… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/30211 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-07-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:37:26.818Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.maianscriptworld.co.uk/news.html"
              },
              {
                "name": "6066",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6066"
              },
              {
                "name": "31075",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31075"
              },
              {
                "name": "4042",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4042"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-search/development/index.html"
              },
              {
                "name": "30211",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30211"
              },
              {
                "name": "maiansearch-index-security-bypass(43753)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43753"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.maianscriptworld.co.uk/news.html"
            },
            {
              "name": "6066",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6066"
            },
            {
              "name": "31075",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31075"
            },
            {
              "name": "4042",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4042"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-search/development/index.html"
            },
            {
              "name": "30211",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30211"
            },
            {
              "name": "maiansearch-index-security-bypass(43753)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43753"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3317",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.maianscriptworld.co.uk/news.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.maianscriptworld.co.uk/news.html"
                },
                {
                  "name": "6066",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6066"
                },
                {
                  "name": "31075",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/31075"
                },
                {
                  "name": "4042",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4042"
                },
                {
                  "name": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-search/development/index.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-search/development/index.html"
                },
                {
                  "name": "30211",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30211"
                },
                {
                  "name": "maiansearch-index-security-bypass(43753)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43753"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3317",
        "datePublished": "2008-07-25T16:00:00.000Z",
        "dateReserved": "2008-07-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:37:26.818Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1334 (GCVE-0-2006-1334)

    Vulnerability from nvd – Published: 2006-03-21 01:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/23946 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/638 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2006/0994 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/17247 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/428903/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/17159 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1015818 vdb-entryx_refsource_SECTRACK
    http://evuln.com/vulns/101/summary.html x_refsource_MISC
    http://secunia.com/advisories/19273 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/23945 vdb-entryx_refsource_OSVDB
    Date Public
    2006-03-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:29.056Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "23946",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23946"
              },
              {
                "name": "638",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/638"
              },
              {
                "name": "ADV-2006-0994",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0994"
              },
              {
                "name": "17247",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17247"
              },
              {
                "name": "20060327 [eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428903/100/0/threaded"
              },
              {
                "name": "17159",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17159"
              },
              {
                "name": "1015818",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015818"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://evuln.com/vulns/101/summary.html"
              },
              {
                "name": "19273",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19273"
              },
              {
                "name": "maianweblog-printmail-sql-injection(25295)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25295"
              },
              {
                "name": "23945",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23945"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "23946",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23946"
            },
            {
              "name": "638",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/638"
            },
            {
              "name": "ADV-2006-0994",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0994"
            },
            {
              "name": "17247",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17247"
            },
            {
              "name": "20060327 [eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/428903/100/0/threaded"
            },
            {
              "name": "17159",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17159"
            },
            {
              "name": "1015818",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015818"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://evuln.com/vulns/101/summary.html"
            },
            {
              "name": "19273",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19273"
            },
            {
              "name": "maianweblog-printmail-sql-injection(25295)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25295"
            },
            {
              "name": "23945",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23945"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1334",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "23946",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23946"
                },
                {
                  "name": "638",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/638"
                },
                {
                  "name": "ADV-2006-0994",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0994"
                },
                {
                  "name": "17247",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17247"
                },
                {
                  "name": "20060327 [eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/428903/100/0/threaded"
                },
                {
                  "name": "17159",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17159"
                },
                {
                  "name": "1015818",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015818"
                },
                {
                  "name": "http://evuln.com/vulns/101/summary.html",
                  "refsource": "MISC",
                  "url": "http://evuln.com/vulns/101/summary.html"
                },
                {
                  "name": "19273",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19273"
                },
                {
                  "name": "maianweblog-printmail-sql-injection(25295)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25295"
                },
                {
                  "name": "23945",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23945"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1334",
        "datePublished": "2006-03-21T01:00:00.000Z",
        "dateReserved": "2006-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:29.056Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-10003 (GCVE-0-2014-10003)

    Vulnerability from cvelistv5 – Published: 2015-01-13 11:00 – Updated: 2024-08-06 14:02
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the width parameter to (1) uploader/admin/js/load_flv.js.php or (2) uploader/js/load_flv.js.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/102489 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://packetstormsecurity.com/files/124918 x_refsource_MISC
    Date Public
    2014-01-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T14:02:37.930Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "102489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/102489"
              },
              {
                "name": "maian-uploader-loadflv-xss(90716)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90716"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/124918"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-01-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the width parameter to (1) uploader/admin/js/load_flv.js.php or (2) uploader/js/load_flv.js.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-07T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "102489",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/102489"
            },
            {
              "name": "maian-uploader-loadflv-xss(90716)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90716"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/124918"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-10003",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the width parameter to (1) uploader/admin/js/load_flv.js.php or (2) uploader/js/load_flv.js.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "102489",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/102489"
                },
                {
                  "name": "maian-uploader-loadflv-xss(90716)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90716"
                },
                {
                  "name": "http://packetstormsecurity.com/files/124918",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/124918"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-10003",
        "datePublished": "2015-01-13T11:00:00.000Z",
        "dateReserved": "2015-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-06T14:02:37.930Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3321 (GCVE-0-2008-3321)

    Vulnerability from cvelistv5 – Published: 2008-07-25 16:00 – Updated: 2024-08-07 09:37
    VLAI
    Summary
    admin/index.php in Maian Uploader 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary uploader_cookie cookie.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/31045 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/30210 vdb-entryx_refsource_BID
    http://www.maianscriptworld.co.uk/news.html x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/6065 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.maianscriptworld.co.uk/free-php-script… x_refsource_CONFIRM
    Date Public
    2008-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:37:25.935Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "31045",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31045"
              },
              {
                "name": "30210",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30210"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.maianscriptworld.co.uk/news.html"
              },
              {
                "name": "6065",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6065"
              },
              {
                "name": "maianuploader-index-security-bypass(43752)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43752"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-uploader/development/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "admin/index.php in Maian Uploader 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary uploader_cookie cookie."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "31045",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31045"
            },
            {
              "name": "30210",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30210"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.maianscriptworld.co.uk/news.html"
            },
            {
              "name": "6065",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6065"
            },
            {
              "name": "maianuploader-index-security-bypass(43752)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43752"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-uploader/development/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3321",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "admin/index.php in Maian Uploader 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary uploader_cookie cookie."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "31045",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/31045"
                },
                {
                  "name": "30210",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30210"
                },
                {
                  "name": "http://www.maianscriptworld.co.uk/news.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.maianscriptworld.co.uk/news.html"
                },
                {
                  "name": "6065",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6065"
                },
                {
                  "name": "maianuploader-index-security-bypass(43752)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43752"
                },
                {
                  "name": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-uploader/development/index.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-uploader/development/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3321",
        "datePublished": "2008-07-25T16:00:00.000Z",
        "dateReserved": "2008-07-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:37:25.935Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3317 (GCVE-0-2008-3317)

    Vulnerability from cvelistv5 – Published: 2008-07-25 16:00 – Updated: 2024-08-07 09:37
    VLAI
    Summary
    admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.maianscriptworld.co.uk/news.html x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/6066 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/31075 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/4042 third-party-advisoryx_refsource_SREASON
    http://www.maianscriptworld.co.uk/free-php-script… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/30211 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-07-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:37:26.818Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.maianscriptworld.co.uk/news.html"
              },
              {
                "name": "6066",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/6066"
              },
              {
                "name": "31075",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31075"
              },
              {
                "name": "4042",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4042"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-search/development/index.html"
              },
              {
                "name": "30211",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30211"
              },
              {
                "name": "maiansearch-index-security-bypass(43753)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43753"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.maianscriptworld.co.uk/news.html"
            },
            {
              "name": "6066",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/6066"
            },
            {
              "name": "31075",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31075"
            },
            {
              "name": "4042",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4042"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-search/development/index.html"
            },
            {
              "name": "30211",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30211"
            },
            {
              "name": "maiansearch-index-security-bypass(43753)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43753"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3317",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.maianscriptworld.co.uk/news.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.maianscriptworld.co.uk/news.html"
                },
                {
                  "name": "6066",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/6066"
                },
                {
                  "name": "31075",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/31075"
                },
                {
                  "name": "4042",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4042"
                },
                {
                  "name": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-search/development/index.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.maianscriptworld.co.uk/free-php-scripts/maian-search/development/index.html"
                },
                {
                  "name": "30211",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/30211"
                },
                {
                  "name": "maiansearch-index-security-bypass(43753)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43753"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3317",
        "datePublished": "2008-07-25T16:00:00.000Z",
        "dateReserved": "2008-07-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:37:26.818Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1334 (GCVE-0-2006-1334)

    Vulnerability from cvelistv5 – Published: 2006-03-21 01:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/23946 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/638 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2006/0994 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/17247 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/428903/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/17159 vdb-entryx_refsource_BID
    http://securitytracker.com/id?1015818 vdb-entryx_refsource_SECTRACK
    http://evuln.com/vulns/101/summary.html x_refsource_MISC
    http://secunia.com/advisories/19273 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/23945 vdb-entryx_refsource_OSVDB
    Date Public
    2006-03-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:29.056Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "23946",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23946"
              },
              {
                "name": "638",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/638"
              },
              {
                "name": "ADV-2006-0994",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0994"
              },
              {
                "name": "17247",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17247"
              },
              {
                "name": "20060327 [eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428903/100/0/threaded"
              },
              {
                "name": "17159",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17159"
              },
              {
                "name": "1015818",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015818"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://evuln.com/vulns/101/summary.html"
              },
              {
                "name": "19273",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19273"
              },
              {
                "name": "maianweblog-printmail-sql-injection(25295)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25295"
              },
              {
                "name": "23945",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23945"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "23946",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23946"
            },
            {
              "name": "638",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/638"
            },
            {
              "name": "ADV-2006-0994",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0994"
            },
            {
              "name": "17247",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17247"
            },
            {
              "name": "20060327 [eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/428903/100/0/threaded"
            },
            {
              "name": "17159",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17159"
            },
            {
              "name": "1015818",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015818"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://evuln.com/vulns/101/summary.html"
            },
            {
              "name": "19273",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19273"
            },
            {
              "name": "maianweblog-printmail-sql-injection(25295)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25295"
            },
            {
              "name": "23945",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23945"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1334",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "23946",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23946"
                },
                {
                  "name": "638",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/638"
                },
                {
                  "name": "ADV-2006-0994",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0994"
                },
                {
                  "name": "17247",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17247"
                },
                {
                  "name": "20060327 [eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/428903/100/0/threaded"
                },
                {
                  "name": "17159",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17159"
                },
                {
                  "name": "1015818",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015818"
                },
                {
                  "name": "http://evuln.com/vulns/101/summary.html",
                  "refsource": "MISC",
                  "url": "http://evuln.com/vulns/101/summary.html"
                },
                {
                  "name": "19273",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19273"
                },
                {
                  "name": "maianweblog-printmail-sql-injection(25295)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25295"
                },
                {
                  "name": "23945",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23945"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1334",
        "datePublished": "2006-03-21T01:00:00.000Z",
        "dateReserved": "2006-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:29.056Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }