Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alstrasoft vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4083
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote malicious users to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php.
Alstrasoft Askme Pro
NA
CVE-2008-2902
SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085.
Alstrasoft Askme Pro
1 EDB exploit
NA
CVE-2005-0981
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) payment or (2) send parameter.
Alstrasoft Epay 2.0
1 EDB exploit
NA
CVE-2007-4085
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote malicious users to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.
Alstrasoft Askme Pro
1 EDB exploit
NA
CVE-2006-6817
AlstraSoft Web Host Directory allows remote malicious users to obtain sensitive information by requesting any invalid URI, which reveals the path in an error message, a different vulnerability than CVE-2006-2617.
Alstrasoft Webhost Directory
NA
CVE-2006-6818
AlstraSoft Web Host Directory allows remote malicious users to bypass authentication and change the admin password via a direct request to admin/config.
Alstrasoft Webhost Directory
NA
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
NA
CVE-2006-6819
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a backup database via a direct request for admin/backup/db.
Alstrasoft Webhost Directory
1 EDB exploit
NA
CVE-2005-4651
SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote malicious users to execute arbitrary SQL commands via the pmodule parameter.
Alstrasoft Epay 2.0
NA
CVE-2008-3240
SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote malicious users to execute arbitrary SQL commands via the pgm parameter in a directory action.
Alstrasoft Affiliate Network Pro
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »