Filtered by vendor Maran Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-6296 1 Maran 1 Php Shop 2024-11-21 N/A
admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to "demo."
CVE-2008-4880 1 Maran 1 Php Shop 2024-11-21 N/A
SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-4879.
CVE-2008-4879 1 Maran 1 Php Shop 2024-11-21 N/A
SQL injection vulnerability in prod.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2008-4880.
CVE-2007-3198 1 Maran 1 Php Blog 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2007-2182 1 Maran 1 Php Forum 2024-11-21 N/A
Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter.