Maianaffiliate

maianaffiliate

Vendor: Maianmedia • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-41421 1Maianmedia 1Maianaffiliate Nov 21, 2024 Jun 16, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel.
CVE-2021-41420 1Maianmedia 1Maianaffiliate Nov 21, 2024 Jun 16, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel...Show more A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel.Show less
CVE-2021-39402 1Maianmedia 1Maianaffiliate Nov 21, 2024 Sep 20, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors.