cbcvebase.

Alstrasoft Video Share Enterprise vulnerabilities

4 known vulnerabilities affecting alstrasoft/video_share_enterprise.

Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2006-4443P3HIGHCVSS 7.5PoCv4.02006-08-29
CVE-2006-4443 [HIGH] CVE-2006-4443: PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows remote attackers to execute arbitrary PHP code via a URL in the config[BASE_DIR] parameter.
nvd
CVE-2008-3386P3HIGHCVSS 7.5PoCv4.512008-07-30
CVE-2008-3386 [HIGH] CVE-2008-3386: SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote att SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086.
nvd
CVE-2007-2017P4HIGHCVSS 7.5≤ 4.1≤ 4.2+1 more2007-04-12
CVE-2007-2017 [HIGH] CVE-2007-2017: siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which all siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information via a direct request.
nvd
CVE-2007-2018P4MEDIUMCVSS 6.5≤ 4.1≤ 4.2+1 more2007-04-12
CVE-2007-2018 [MEDIUM] CVE-2007-2018: SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authentica SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
nvd
Alstrasoft Video Share Enterprise vulnerabilities | cvebase