Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Text Ads Enterprise allow remote malicious users to inject arbitrary web script or HTML via the (1) r parameter to (a) forgot_uid.php, the (2) query or (3) sk parameter to (b) search_results.php, or (4) the pageId parameter to (c) website_page.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alstrasoft text ads enterprise 2.1 |