Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alstrasoft vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-4591
Multiple PHP remote file inclusion vulnerabilities in AlstraSoft Template Seller, and possibly AltraSoft Template Seller Pro 3.25, allow remote malicious users to execute arbitrary PHP code via a URL in the config[template_path] parameter to (1) payment/payment_result.php or (2) ...
Alstrasoft Template Seller 3.25
Alstrasoft Template Seller
1 EDB exploit
7.5
CVSSv2
CVE-2008-6932
Unrestricted file upload vulnerability in submit_file.php in AlstraSoft SendIt Pro allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in send/files/.
Alstrasoft Sendit
1 EDB exploit
5
CVSSv2
CVE-2005-3026
Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the read parameter.
Alstrasoft Epay
1 EDB exploit
5
CVSSv2
CVE-2008-2857
AlstraSoft AskMe Pro 2.1 and previous versions stores passwords in cleartext in a MySQL database, which allows context-dependent malicious users to obtain sensitive information.
Alstrasoft Askme
1 EDB exploit
7.5
CVSSv2
CVE-2007-6106
SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and previous versions allows remote malicious users to execute arbitrary SQL commands via the seid parameter in a viewevent action.
Alstrasoft E-friends
1 EDB exploit
4.3
CVSSv2
CVE-2006-0222
Cross-site scripting (XSS) vulnerability in fullview.php in AlstraSoft Template Seller Pro allows remote malicious users to inject arbitrary web script or HTML via the tempid parameter.
Alstrasoft Template Seller
1 EDB exploit
6.8
CVSSv2
CVE-2007-4085
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote malicious users to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.
Alstrasoft Askme Pro
1 EDB exploit
7.5
CVSSv2
CVE-2005-0980
PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote malicious users to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web server that contains the code.
Alstrasoft Epay 2.0
1 EDB exploit
4.3
CVSSv2
CVE-2007-4083
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote malicious users to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php.
Alstrasoft Askme Pro
10
CVSSv2
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »