VYPR

MaianAffiliate

by MaianAffiliate

CVEs (3)

  • CVE-2021-41420MedJun 16, 2022
    risk 0.35cvss 5.4epss 0.01

    A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel.

  • CVE-2021-41421MedJun 16, 2022
    risk 0.31cvss 4.8epss 0.00

    A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel.

  • CVE-2021-39404MedSep 22, 2021
    risk 0.31cvss 4.8epss 0.01

    MaianAffiliate v1.0 allows an authenticated administrative user to save an XSS to the database.