Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alstrasoft vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4591
Multiple PHP remote file inclusion vulnerabilities in AlstraSoft Template Seller, and possibly AltraSoft Template Seller Pro 3.25, allow remote malicious users to execute arbitrary PHP code via a URL in the config[template_path] parameter to (1) payment/payment_result.php or (2) ...
Alstrasoft Template Seller 3.25
Alstrasoft Template Seller
1 EDB exploit
NA
CVE-2008-2857
AlstraSoft AskMe Pro 2.1 and previous versions stores passwords in cleartext in a MySQL database, which allows context-dependent malicious users to obtain sensitive information.
Alstrasoft Askme
1 EDB exploit
NA
CVE-2005-3026
Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the read parameter.
Alstrasoft Epay
1 EDB exploit
NA
CVE-2008-6932
Unrestricted file upload vulnerability in submit_file.php in AlstraSoft SendIt Pro allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in send/files/.
Alstrasoft Sendit
1 EDB exploit
NA
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
NA
CVE-2007-6106
SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and previous versions allows remote malicious users to execute arbitrary SQL commands via the seid parameter in a viewevent action.
Alstrasoft E-friends
1 EDB exploit
NA
CVE-2007-4083
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote malicious users to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php.
Alstrasoft Askme Pro
NA
CVE-2007-4085
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote malicious users to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.
Alstrasoft Askme Pro
1 EDB exploit
NA
CVE-2007-2776
AlstraSoft Template Seller Pro 3.25 and previous versions sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote malicious users to inject a credential variable setting and obtain administrative access via a direct r...
Alstrasoft Template Seller
1 EDB exploit
NA
CVE-2007-2777
Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and previous versions allows remote malicious users to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/.
Alstrasoft Template Seller
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »