Lucene search
K
AlstrasoftArticle Manager Pro

5 matches found

CVE
CVE
added 2008/12/17 6:0 p.m.49 views

CVE-2008-5649

CVE-2008-5649 describes an SQL injection vulnerability in AlstraSoft Article Manager Pro 1.6, specifically in admin/admin.php where the username parameter can be manipulated to execute arbitrary SQL commands. Documented impact indicates remote attackers could achieve complete confidentiality, int...

10CVSS8.4AI score0.01783EPSS
CVE
CVE
added 2006/05/24 8:0 p.m.47 views

CVE-2006-2566

Affected software: Alstrasoft Article Manager Pro 1.6. The vulnerability is an information disclosure that exposes the path via error messages in two potential inputs: (1) the action parameter in a request to mrarticles.php (possible quote character or invalid value) and (2) a login QUERY_STRING ...

5CVSS6.5AI score0.01392EPSS
CVE
CVE
added 2006/05/24 8:0 p.m.45 views

CVE-2006-2565

Affected software: Alstrasoft Article Manager Pro 1.6. The vulnerability is an SQL injection in two parameters: author_id in profile.php and aut_id in userarticles.php. The SQL manipulation may lead to arbitrary SQL execution and, for the aut_id vector, potential resultant path disclosure if the ...

7.5CVSS8.4AI score0.01337EPSS
CVE
CVE
added 2006/05/24 8:0 p.m.45 views

CVE-2006-2567

CVE-2006-2567 is an XSS vulnerability in the Alstrasoft Article Manager Pro 1.6, affecting the submit_article.php handler. The issue arises from unsafely handling user input in a STYLE attribute, enabling an attacker to inject JavaScript via a javascript: URI in a CSS property, potentially compro...

4.3CVSS5.7AI score0.0118EPSS
CVE
CVE
added 2007/07/30 5:0 p.m.44 views

CVE-2007-4082

CVE-2007-4082 describes a cross-site scripting (XSS) vulnerability in AlstraSoft Article Manager Pro, exploitable via theuserid parameter in contact_author.php. The issue allows remote attackers to inject arbitrary scripts/HTML; CVSS v2 base score 4.3 (Medium) with Network attack vector, no authe...

4.3CVSS5.7AI score0.00871EPSS