Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alstrasoft vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4083
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote malicious users to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php.
Alstrasoft Askme Pro
NA
CVE-2007-6106
SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and previous versions allows remote malicious users to execute arbitrary SQL commands via the seid parameter in a viewevent action.
Alstrasoft E-friends
1 EDB exploit
NA
CVE-2008-2902
SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085.
Alstrasoft Askme Pro
1 EDB exploit
NA
CVE-2005-0981
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) payment or (2) send parameter.
Alstrasoft Epay 2.0
1 EDB exploit
NA
CVE-2006-0222
Cross-site scripting (XSS) vulnerability in fullview.php in AlstraSoft Template Seller Pro allows remote malicious users to inject arbitrary web script or HTML via the tempid parameter.
Alstrasoft Template Seller
1 EDB exploit
NA
CVE-2007-2776
AlstraSoft Template Seller Pro 3.25 and previous versions sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote malicious users to inject a credential variable setting and obtain administrative access via a direct r...
Alstrasoft Template Seller
1 EDB exploit
NA
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
NA
CVE-2005-4530
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote malicious users to inject arbitrary web script or HTML via multiple unspecified parameters in (1) profile.htm, (2) card.htm, (3) bank.htm, (4) subscriptions.htm, (...
Alstrasoft Epay 3.0
NA
CVE-2007-4085
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote malicious users to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.
Alstrasoft Askme Pro
1 EDB exploit
NA
CVE-2005-3798
SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote malicious users to execute arbitrary SQL commands via the username field.
Alstrasoft Template Seller 3.25
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »