Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action.
References 5 Total
- securityfocus.com: 20080505 Maian Uploader v4.0 XSS Vulnerabilities mailing-list
- secunia.com: 30096 third-party-advisory
- securityreason.com: 3882 third-party-advisory
- exchange.xforce.ibmcloud.com: maian-uploader-index-header-xss(42203) vdb-entry
- securityfocus.com: 29051 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- securityfocus.com: 20080505 Maian Uploader v4.0 XSS Vulnerabilities mailing-listx_transferred
- secunia.com: 30096 third-party-advisoryx_transferred
- securityreason.com: 3882 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: maian-uploader-index-header-xss(42203) vdb-entryx_transferred
- securityfocus.com: 29051 vdb-entryx_transferred