Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote malicious users to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parameter to (a) uvideos.php, (b) ugroups.php, (c) uprofile.php, (d) ufavour.php, (e) ufriends.php, or (f) uplaylist.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alstrasoft video share enterprise |