RSS   Podatności dla 'EPAY'   RSS

2005-12-31
 
CVE-2005-4651

 
 
SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the pmodule parameter.

 
2005-12-27
 
CVE-2005-4530

 
 
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters in (1) profile.htm, (2) card.htm, (3) bank.htm, (4) subscriptions.htm, (5) send.htm, (6) request.htm, (7) forgot.htm, (8) escrow.htm, (9) donations.htm, and (10) products.htm.

 
2005-09-21
 
CVE-2005-3026

 
 
Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.

 
2005-05-02
 
CVE-2005-0981

 
 
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter.

 
 
CVE-2005-0980

 
 
PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web server that contains the code.

 

 >>> Vendor: Alstrasoft 15 Produkty
EPAY
E-friends
Affiliate network pro
Template seller
Article manager pro
Webhost directory
Video share enterprise
Live support
Text ads enterprise
Sms text messaging enterprise
Askme pro
Forum pay per post exchange
Askme
Web email script enterprise
Sendit

Copyright 2024, cxsecurity.com

 

Back to Top