Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alstrasoft e-friends vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
NA
CVE-2007-6106
SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and previous versions allows remote malicious users to execute arbitrary SQL commands via the seid parameter in a viewevent action.
Alstrasoft E-friends
1 EDB exploit
NA
CVE-2006-2564
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlstraSoft E-Friends allow remote malicious users to inject arbitrary web script or HTML by (1) posting a blog, (2) posting a listing, (3) posting an event, (4) adding comments, or (5) sending a message.
Alstrasoft E-friends 4.0
NA
CVE-2005-3062
PHP remote file inclusion vulnerability in index.php in AlstraSoft E-Friends 4.0 allows remote malicious users to execute arbitrary PHP code via the mode parameter.
Alstrasoft E-friends 4.0
NA
CVE-2007-4080
Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends allows remote malicious users to inject arbitrary web script or HTML via the p_id parameter in a people_card action. NOTE: this might overlap CVE-2006-2564.
Alstrasoft E-friends 4.0
NA
CVE-2006-4913
Directory traversal vulnerability in chat/getStartOptions.php in AlstraSoft E-friends 4.85 allows remote malicious users to include arbitrary local files and possibly execute arbitrary code via a .. (dot dot) sequence and trailing null (%00) byte in the lang parameter, as demonst...
Alstrasoft E-friends 4.85
1 EDB exploit
NA
CVE-2008-5751
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote malicious users to execute arbitrary SQL commands via the id parameter in a directory action.
Alstrasoft Web Email Script Enterprise Nil
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started