CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors...

7.2CVSS7.1AI score0.00886EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 8:43 p.m.•2 views

CVE-2021-39404

MaianAffiliate v1.0 allows an authenticated administrative user to save an XSS to the database...

4.8CVSS5.9AI score0.00479EPSS

Exploits1References1

CNVD•added 2022/06/20 12:0 a.m.•25 views

MaianAffiliate Cross-Site Scripting Vulnerability (CNVD-2022-62192)

MaianAffiliate v.1.0 is a free, simple but powerful php recommender system written in PHP. in the context of authenticated and unauthenticated users...

5.4CVSS4AI score0.01439EPSS

Exploits1References1

CNVD•added 2022/06/20 12:0 a.m.•16 views

MaianAffiliate Code Injection Vulnerability Vulnerability

MaianAffiliate is a free, simple but powerful php referral system written in PHP. a security vulnerability exists in MaianAffiliate v.1.0, which stems from the existence of a PHP code injection issue. An authenticated attacker can exploit this vulnerability to obtain RCE through the MaianAffiliat...

3.5CVSS3.1AI score0.00241EPSS

Exploits1Affected Software1

OSV•added 2022/06/16 5:15 p.m.•2 views

CVE-2021-41420

A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel...

5.4CVSS6.5AI score0.01439EPSS

Exploits1References2

NVD•added 2022/06/16 5:15 p.m.•9 views

CVE-2021-41420

5.4CVSS0.01439EPSS

Exploits1References2

OSV•added 2022/06/16 5:15 p.m.•0 views

CVE-2021-41421

A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel...

4.8CVSS5.8AI score0.00241EPSS

Exploits1References2

NVD•added 2022/06/16 5:15 p.m.•7 views

CVE-2021-41421

A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel...

4.8CVSS0.00241EPSS

Exploits1References2

Prion•added 2022/06/16 5:15 p.m.•11 views

Code injection

A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel...

3.5CVSS5.5AI score0.00241EPSS

Exploits1References2Affected Software1

Prion•added 2022/06/16 5:15 p.m.•12 views

Cross site scripting

3.5CVSS5.7AI score0.01439EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/06/16 4:51 p.m.•9 views

CVE-2021-41421

A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel...

5.8AI score0.00241EPSS

Exploits1References2

CVE•added 2022/06/16 4:51 p.m.•71 views

CVE-2021-41421

CVE-2021-41421 involves a PHP code injection vulnerability in MaianAffiliate v1.0 that enables an authenticated attacker to achieve remote code execution through the MaianAffiliate admin panel. The vulnerability is consistently described across sources as an authenticated code injection path lead...

4.8CVSS5.4AI score0.00241EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/06/16 4:43 p.m.•8 views

CVE-2021-41420

5.8AI score0.01439EPSS

Exploits1References2

CVE•added 2022/06/16 4:43 p.m.•47 views

CVE-2021-41420

MaianAffiliate v1.0 contains a stored XSS vulnerability that allows an authenticated attacker to execute arbitrary JavaScript in the context of both authenticated and unauthenticated users via the MaianAffiliate admin panel. The issue is triggered through user-supplied input stored and later rend...

5.4CVSS5.6AI score0.01439EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2022/06/16 12:0 a.m.•3 views

PT-2022-11398 · Unknown · Maianaffiliate

Name of the Vulnerable Software and Affected Versions: MaianAffiliate version 1.0 Description: A PHP code injection issue allows an authenticated attacker to gain remote code execution RCE through the admin panel. Recommendations: For MaianAffiliate version 1.0, at the moment, there is no...

4.8CVSS5.8AI score0.00241EPSS

Exploits1References4

CNNVD•added 2022/06/16 12:0 a.m.•1 views

MaianAffiliate 跨站脚本漏洞

MaianAffiliate v.1.0 is a free, simple but powerful php recommender system written in PHP. in the context of authenticated and unauthenticated users...

5.4CVSS5.5AI score0.01439EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by