Lucene search

[email protected]CVE-2007-4086

HistoryJul 30, 2007 - 5:30 p.m.

CVE-2007-4086

2007-07-3017:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

alstrasoft video share enterprise

sql injection

cve-2007-4086

nvd

8.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parameter to (a) uvideos.php, (b) ugroups.php, © uprofile.php, (d) ufavour.php, (e) ufriends.php, or (f) uplaylist.php.

CPENameOperatorVersion
alstrasoft:video_share_enterprisealstrasoft video share enterpriseeq*

CPE	Name	Operator	Version
alstrasoft:video_share_enterprise	alstrasoft video share enterprise	eq	*

References

lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html

osvdb.org/37872

osvdb.org/37873

osvdb.org/37874

osvdb.org/37875

osvdb.org/37876

osvdb.org/37877

osvdb.org/37878

8.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

Related for CVE-2007-4086

prion2 cve1