RSS   Vulnerabilities for 'EPAY'   RSS

2005-12-31
 
CVE-2005-4651

 

 
SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the pmodule parameter.

 
2005-12-27
 
CVE-2005-4530

 

 
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters in (1) profile.htm, (2) card.htm, (3) bank.htm, (4) subscriptions.htm, (5) send.htm, (6) request.htm, (7) forgot.htm, (8) escrow.htm, (9) donations.htm, and (10) products.htm.

 
2005-09-21
 
CVE-2005-3026

 

 
Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.

 
2005-05-02
 
CVE-2005-0981

 

 
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter.

 
 
CVE-2005-0980

 

 
PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web server that contains the code.

 

 >>> Vendor: Alstrasoft 15 Products
EPAY
E-friends
Affiliate network pro
Template seller
Article manager pro
Webhost directory
Video share enterprise
Live support
Text ads enterprise
Sms text messaging enterprise
Askme pro
Forum pay per post exchange
Askme
Web email script enterprise
Sendit


Copyright 2024, cxsecurity.com

 

Back to Top