cbcvebase.
CVE-2007-2776
published 2007-05-21

CVE-2007-2776: AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows…

PriorityP351critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
8.62%
94.4th percentile
AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject a credential variable setting and obtain administrative access via a direct request to admin/changeinfo.php.

Affected

1 ranges
VendorProductVersion rangeFixed in
alstrasofttemplate_seller<= 3.25
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.