Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alstrasoft vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2006-2618
Cross-site scripting (XSS) vulnerability in (1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, might allow remote malicious users to inject arbitrary web script or HTML via the "write a review" box. NOTE: since user reviews do not require ad...
Alstrasoft Webhost Directory 1.2
383
VMScore
CVE-2007-4077
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Video Share Enterprise allow remote malicious users to inject arbitrary web script or HTML via the (1) msg, (2) page, (3) viewkey, or (4) viewtype parameter to (a) view_video.php; the (5) next parameter to (b) sign...
Alstrasoft Video Share Enterprise
570
VMScore
CVE-2007-4080
Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends allows remote malicious users to inject arbitrary web script or HTML via the p_id parameter in a people_card action. NOTE: this might overlap CVE-2006-2564.
Alstrasoft E-friends 4.0
383
VMScore
CVE-2007-4082
Cross-site scripting (XSS) vulnerability in contact_author.php AlstraSoft Article Manager Pro allows remote malicious users to inject arbitrary web script or HTML via the userid parameter.
Alstrasoft Article Manager Pro
383
VMScore
CVE-2007-4087
AlstraSoft Video Share Enterprise allows remote malicious users to obtain sensitive information (the full path) via (1) a ' (quote) character in the category parameter to view_video.php, or (2) an XSS sequence in the UID parameter to (a) uprofile.php, (b) channel_detail.php,...
Alstrasoft Video Share Enterprise
383
VMScore
CVE-2006-2564
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlstraSoft E-Friends allow remote malicious users to inject arbitrary web script or HTML by (1) posting a blog, (2) posting a listing, (3) posting an event, (4) adding comments, or (5) sending a message.
Alstrasoft E-friends 4.0
445
VMScore
CVE-2006-2617
(1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote malicious users to obtain the installation path via an invalid entry in the Username field on the login page, which causes the path to be displayed in an SQL error. NOTE: this issue migh...
Alstrasoft Webhost Directory 1.2
668
VMScore
CVE-2007-2017
siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote malicious users to obtain or modify user information via a direct request.
Alstrasoft Video Share Enterprise
578
VMScore
CVE-2007-2018
SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
Alstrasoft Video Share Enterprise
755
VMScore
CVE-2006-4913
Directory traversal vulnerability in chat/getStartOptions.php in AlstraSoft E-friends 4.85 allows remote malicious users to include arbitrary local files and possibly execute arbitrary code via a .. (dot dot) sequence and trailing null (%00) byte in the lang parameter, as demonst...
Alstrasoft E-friends 4.85
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »