Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alstrasoft webhost directory vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-6817
AlstraSoft Web Host Directory allows remote malicious users to obtain sensitive information by requesting any invalid URI, which reveals the path in an error message, a different vulnerability than CVE-2006-2617.
Alstrasoft Webhost Directory
7.5
CVSSv2
CVE-2006-6818
AlstraSoft Web Host Directory allows remote malicious users to bypass authentication and change the admin password via a direct request to admin/config.
Alstrasoft Webhost Directory
6.4
CVSSv2
CVE-2006-6819
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a backup database via a direct request for admin/backup/db.
Alstrasoft Webhost Directory
1 EDB exploit
7.5
CVSSv2
CVE-2006-2616
SQL injection vulnerability in the search script in (1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote malicious users to execute arbitrary SQL commands via the uri parameter.
Alstrasoft Webhost Directory 1.2
5
CVSSv2
CVE-2006-2617
(1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote malicious users to obtain the installation path via an invalid entry in the Username field on the login page, which causes the path to be displayed in an SQL error. NOTE: this issue migh...
Alstrasoft Webhost Directory 1.2
4.3
CVSSv2
CVE-2006-2618
Cross-site scripting (XSS) vulnerability in (1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, might allow remote malicious users to inject arbitrary web script or HTML via the "write a review" box. NOTE: since user reviews do not require ad...
Alstrasoft Webhost Directory 1.2
7.5
CVSSv2
CVE-2008-5650
SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote malicious users to execute arbitrary SQL commands via the pwd parameter.
Alstrasoft Webhost Directory Nil
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started