Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alstrasoft vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-4077
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Video Share Enterprise allow remote malicious users to inject arbitrary web script or HTML via the (1) msg, (2) page, (3) viewkey, or (4) viewtype parameter to (a) view_video.php; the (5) next parameter to (b) sign...
Alstrasoft Video Share Enterprise
6.4
CVSSv2
CVE-2007-4080
Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends allows remote malicious users to inject arbitrary web script or HTML via the p_id parameter in a people_card action. NOTE: this might overlap CVE-2006-2564.
Alstrasoft E-friends 4.0
7.5
CVSSv2
CVE-2008-5650
SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote malicious users to execute arbitrary SQL commands via the pwd parameter.
Alstrasoft Webhost Directory Nil
2 EDB exploits
7.5
CVSSv2
CVE-2006-4913
Directory traversal vulnerability in chat/getStartOptions.php in AlstraSoft E-friends 4.85 allows remote malicious users to include arbitrary local files and possibly execute arbitrary code via a .. (dot dot) sequence and trailing null (%00) byte in the lang parameter, as demonst...
Alstrasoft E-friends 4.85
1 EDB exploit
7.5
CVSSv2
CVE-2007-2017
siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote malicious users to obtain or modify user information via a direct request.
Alstrasoft Video Share Enterprise
6.5
CVSSv2
CVE-2007-2018
SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
Alstrasoft Video Share Enterprise
4.3
CVSSv2
CVE-2007-4082
Cross-site scripting (XSS) vulnerability in contact_author.php AlstraSoft Article Manager Pro allows remote malicious users to inject arbitrary web script or HTML via the userid parameter.
Alstrasoft Article Manager Pro
6.8
CVSSv2
CVE-2007-4086
Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote malicious users to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parameter to (a) uvideos.php, (b) ugroups.php, (c) uprofile.php, (d) ufavour.php, (...
Alstrasoft Video Share Enterprise
4.3
CVSSv2
CVE-2007-4087
AlstraSoft Video Share Enterprise allows remote malicious users to obtain sensitive information (the full path) via (1) a ' (quote) character in the category parameter to view_video.php, or (2) an XSS sequence in the UID parameter to (a) uprofile.php, (b) channel_detail.php,...
Alstrasoft Video Share Enterprise
4.3
CVSSv2
CVE-2006-2564
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlstraSoft E-Friends allow remote malicious users to inject arbitrary web script or HTML by (1) posting a blog, (2) posting a listing, (3) posting an event, (4) adding comments, or (5) sending a message.
Alstrasoft E-friends 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »