Epay Security Vulnerabilities and Issues — Epay CVE List

Lucene search

AlstrasoftEpay

5 matches found

CVE•added 2005/05/02 4:0 a.m.•71 views

CVE-2005-0980

PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web server that contains the code.

7.5CVSS7.9AI score0.00987EPSS

CVE•added 2005/05/02 4:0 a.m.•36 views

CVE-2005-0981

Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter.

4.3CVSS6AI score0.02914EPSS

CVE•added 2005/12/28 1:3 a.m.•35 views

CVE-2005-4530

Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters in (1) profile.htm, (2) card.htm, (3) bank.htm, (4) subscriptions.htm, (5) send.htm, (6) request....

5.1CVSS6.1AI score0.02636EPSS

CVE•added 2006/01/14 1:0 a.m.•32 views

CVE-2005-4651

SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the pmodule parameter.

6.4CVSS8.8AI score0.00279EPSS

CVE•added 2005/09/21 10:3 p.m.•28 views

CVE-2005-3026

Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.

5CVSS7.1AI score0.0421EPSS