Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Maianaffiliate
(Maianmedia)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-09-20 | CVE-2021-39402 | MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors. | Maianaffiliate | 7.2 | ||
| 2022-06-16 | CVE-2021-41420 | A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel. | Maianaffiliate | 5.4 | ||
| 2022-06-16 | CVE-2021-41421 | A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel. | Maianaffiliate | 4.8 |