📦

weblog

Vendor: maian

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 5.67% Exploit Prob.

Latest CVE CVE-2008-3318 Jul 25

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2008-3318

Exploit Found

admin/index.php in Maian Weblog 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary weblog_cookie cookie.

EPSS: 8.94%

Severity: HIGH

Jul 25, 2008

6.8 CVSS

CVE-2007-2078

PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, since the path_to_folder variable is initialized before use

EPSS: 2.40%

Severity: MEDIUM

Apr 18, 2007

Displaying 2 of 2 Total Entries

Total 1 Sections