CVE-2008-2212

Name of the Vulnerable Software and Affected Versions: Maian Cart version 1.1

Description: The issue allows remote attackers to inject arbitrary web script or HTML via several parameters, including msg adminheader, msg adminheader2, msg adminheader3, msg adminheader4, msg script3, and keywords in various PHP files, such as admin/inc/header.php, admin/inc/footer.php, and index.php in a search action.

Recommendations: For Maian Cart version 1.1, as a temporary workaround, consider restricting access to the admin/inc/header.php and admin/inc/footer.php files, and avoid using the keywords parameter in the search action on index.php until a patch is available. Additionally, restrict the use of parameters msg adminheader, msg adminheader2, msg adminheader3, msg adminheader4, and msg script3 to minimize the risk of exploitation.