CVE-2008-2204

Name of the Vulnerable Software and Affected Versions: Maian Search version 1.1

Description: The issue allows remote attackers to inject arbitrary web script or HTML via the header, header2, header3, header4, header5, header6, header7, header8, and header9 parameters in the admin/inc/header.php file. This can lead to cross-site scripting (XSS) attacks.

Recommendations: For Maian Search version 1.1, as a temporary workaround, consider restricting access to the admin/inc/header.php file until a patch is available. Avoid using the header, header2, header3, header4, header5, header6, header7, header8, and header9 parameters in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.