Blog

Latest News, Updates and Tutorials

Critical Updates

IMPORTANT! Critical Vulnerability Reported in Maian Cart IMPORTANT! Critical Vulnerability Reported in Maian Cart

This is important if you are running Maian Cart on your servers. A severe vulnerability has been kindly reported to us by security advisor DreyAnd. The issue concerns the elFinder file manager plugin in Maian Cart and it affects all versions from 3.0 to 3.8. This issue will be made public in 2 weeks, so please update your installations. The issue enables a potential hacker to bypass the cart admin restrictions and execute a RCE (remote code execution) on your server. It should be considered high risk and be fixed immediately. If you are running a version older than 3.0, you are not affected. ... Full Article


Posted: Sun, April 11, 2021
Tags: Maian Cart, Critical Updates,

IMPORTANT! Critical Update. Patch Systems Immediately IMPORTANT! Critical Update. Patch Systems Immediately

A vulnerability in Maian Cart was recently reported to us by Martin Schophaus of https://mschop.dewhich could enable a malicious user to execute a SQL injection command via a forged ‘X-Forwarded-For’ header. This issue is not currently public and will not be made public for 30 days, so you have plenty of time to patch any affected systems. Our thanks to Martin for his sensitivity in this matter. It is important that you patch your systems NOW. As a precautionary measure we have updated similar code in other Maian systems to make sure they can not be attacked, so if you are using any commercial Maian product, you should do the following as soon as possible. ... Full Article


Posted: Wed, November 7, 2018
Tags: Maian Cart, Critical Updates,

Maian Events v3.2 Released - Important Security Update Maian Events v3.2 Released - Important Security Update

v3.2 of the Maian Events system has been released. This includes an important fix for a directory traversal vulnerability as reported to us recently. If you are running v3.0 or v3.1 you must patch your systems NOW. You can find the changelog and download info on the Maian Events website. For upgrades, refer to the upgrade section in the docs. https://www.maianevents.comIf you don’t have time to upgrade, the following file is all you need to replace for the security fix: control/system/_ajax.php – David (Lead Developer @ Maian Media) ... Full Article


Posted: Fri, May 11, 2018
Tags: Maian Events, Critical Updates,


100% Free SoftwareSoftware Versions, Development, Docs & UpgradesNewsletter
Made with in the U.K & Hong Kong • Blog made with Hugo

Free PHP Software / Responsive PHP Scripts / Lightweight PHP Software / White Label PHP Software