← Back

Weblog

weblog

Vendor: Maian • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-3318
1Maian
1Weblog
Apr 23, 2026
Jul 25, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
admin/index.php in Maian Weblog 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary weblog_cookie cookie.
CVE-2007-2078
1Maian
1Weblog
Apr 23, 2026
Apr 18, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party re...Show more
PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, since the path_to_folder variable is initialized before useShow less