CVE-2007-4086

2007-07-30T17:30:00
ID CVE-2007-4086
Type cve
Reporter cve@mitre.org
Modified 2008-11-15T06:55:00

Description

Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parameter to (a) uvideos.php, (b) ugroups.php, (c) uprofile.php, (d) ufavour.php, (e) ufriends.php, or (f) uplaylist.php.