Alstrasoft Video Share Enterprise vulnerabilities
4 known vulnerabilities affecting alstrasoft/video_share_enterprise.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-4443P3HIGHCVSS 7.5PoCv4.02006-08-29
CVE-2006-4443 [HIGH] CVE-2006-4443: PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows
PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows remote attackers to execute arbitrary PHP code via a URL in the config[BASE_DIR] parameter.
nvd
CVE-2008-3386P3HIGHCVSS 7.5PoCv4.512008-07-30
CVE-2008-3386 [HIGH] CVE-2008-3386: SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote att
SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086.
nvd
CVE-2007-2017P4HIGHCVSS 7.5≤ 4.1≤ 4.2+1 more2007-04-12
CVE-2007-2017 [HIGH] CVE-2007-2017: siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which all
siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information via a direct request.
nvd
CVE-2007-2018P4MEDIUMCVSS 6.5≤ 4.1≤ 4.2+1 more2007-04-12
CVE-2007-2018 [MEDIUM] CVE-2007-2018: SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authentica
SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
nvd