Vulnerabilities > Maianscriptworld > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-14 | CVE-2008-2204 | Cross-Site Scripting vulnerability in Maianscriptworld Maian Search 1.1 Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Search 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) header, (2) header2, (3) header3, (4) header4, (5) header5, (6) header6, (7) header7, (8) header8, and (9) header9 parameters. | 4.3 |
| 2008-05-14 | CVE-2008-2202 | Cross-Site Scripting vulnerability in Maianscriptworld Maian Uploader 4.0 Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action. | 4.3 |
| 2008-05-14 | CVE-2008-2201 | Cross-Site Scripting vulnerability in Maianscriptworld Maian Recipe 1.2 Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Recipe 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) header, (2) header2, (3) header3, (4) header4, (5) header5, (6) header6, (7) header7, (8) header8, and (9) header9 parameters. | 4.3 |
| 2008-05-14 | CVE-2008-2200 | Cross-Site Scripting vulnerability in Maianscriptworld Maian Weblog 4.0 Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to admin/index.php in a blogs search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action. | 4.3 |
| 2008-02-29 | CVE-2008-1075 | Cross-Site Scripting vulnerability in Maianscriptworld Maian Cart 1.1 Cross-site scripting (XSS) vulnerability in index.php in Maian Cart 1.1 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search command. | 4.3 |