This page aggregates publicly disclosed CVE and security risk information related to zainu, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2009-4523 | Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchSongKeyword parameter in a SearchSong action. | [email protected] | 4.3 | 1.53% | 2009-12-31 | 2026-06-16 |
| CVE-2005-3884 | Multiple SQL injection vulnerabilities in the search action in Zainu 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term and (2) start parameters to index.php. | [email protected] | 7.5 | 1.28% | 2005-11-29 | 2026-06-16 |