Alstrasoft Forum Pay Per Post Exchange vulnerabilities
2 known vulnerabilities affecting alstrasoft/forum_pay_per_post_exchange.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-0429P3HIGHCVSS 7.5PoCv2.02008-01-23
CVE-2008-0429 [HIGH] CWE-89 CVE-2008-0429: SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote
SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a forum_catview action.
nvd
CVE-2008-0440P4MEDIUMCVSS 5.0PoCv2.02008-01-23
CVE-2008-0440 [MEDIUM] CWE-255 CVE-2008-0440: AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in cleartext, which makes it easier for
AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in cleartext, which makes it easier for attackers to access user accounts.
nvd