Lucene search
K
MaianscriptworldMaian Uploader

4 matches found

CVE
CVE
added 2008/05/14 5:0 p.m.47 views

CVE-2008-2202

Maian Uploader 4.0 is affected by multiple cross-site scripting (XSS) vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML via: (1) the keywords parameter to upload/admin/index.php in a search action, (2) the msg_charset parameter to admin/inc/header.php, (3) ...

4.3CVSS5.8AI score0.01538EPSS
Web
CVE
CVE
added 2015/01/13 11:0 a.m.41 views

CVE-2014-10005

CVE-2014-10005 affects Maian Uploader 4.0. The issue arises when requesting load_flv.js.php without the required height parameter, which may cause an error message that reveals the installation path. This is a potential information disclosure in the affected component (load_flv.js.php). The docum...

5CVSS6.3AI score0.01842EPSS
CVE
CVE
added 2015/01/13 11:0 a.m.36 views

CVE-2014-10006

Maian Uploader 4.0 is affected by multiple CSRF vulnerabilities that allow an attacker to hijack user authentication for requests that trigger XSS via the width parameter in uploader/admin/js/load_flv.js.php and uploader/js/load_flv.js.php. The CVE description indicates these are CSRF issues lead...

6.8CVSS6.8AI score0.00614EPSS
Web
CVE
CVE
added 2015/01/13 11:0 a.m.34 views

CVE-2014-10004

Maian Uploader 4.0 is affected by a SQL injection in admin/data_files/move.php via the id parameter, enabling remote attackers to execute arbitrary SQL commands. No exploit specifics or mitigation details are provided in the connected documents; implications are partial confidentiality/integrity ...

7.5CVSS8.7AI score0.02072EPSS
Web