CVE Tools

alstrasoft

Cloud & SaaScommercial

55

Cumulative CVEs

19

Monthly snapshots

#5

Peak rank

Top products

article manager pro1 web email script enterprise1 webhost directory1

Latest CVEs

The 15 most recently published vulnerabilities affecting alstrasoft.

CVE-2008-6932Unrestricted file upload vulnerability in submit_file.php in AlstraSoft SendIt Pro allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing...7.5Aug 11, 2009
CVE-2008-5751SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action.7.5Dec 30, 2008
CVE-2008-5650SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote attackers to execute arbitrary SQL commands via the pwd parameter.7.5Dec 17, 2008
CVE-2008-5649SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter.10.0Dec 17, 2008
CVE-2008-3954SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showcat action.7.5Sep 9, 2008
CVE-2008-3386SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-...7.5Jul 30, 2008
CVE-2008-3240SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action.7.5Jul 21, 2008
CVE-2008-2902SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to for...7.5Jun 30, 2008
CVE-2008-2857AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.5.0Jun 25, 2008
CVE-2008-0440AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in cleartext, which makes it easier for attackers to access user accounts.5.0Jan 23, 2008
CVE-2008-0429SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a forum_catview action.7.5Jan 23, 2008
CVE-2007-6106SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and earlier allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewevent action.7.5Nov 23, 2007
CVE-2007-5223Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or ot...6.8Oct 5, 2007
CVE-2007-4087AlstraSoft Video Share Enterprise allows remote attackers to obtain sensitive information (the full path) via (1) a ' (quote) character in the category parameter to view_video.php, or (2) an XSS se...4.3Jul 30, 2007
CVE-2007-4086Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parame...6.8Jul 30, 2007