Lucene search
+L
AlstrasoftEpay

5 matches found

CVE
CVE
added 2005/04/05 4:0 a.m.83 views

CVE-2005-0980

Vulnerability: CVE-2005-0980 affects AlstraSoft EPay Pro 2.0 (index.php) through a PHP remote file inclusion via the view parameter, enabling arbitrary PHP code execution when an attacker references a URL on a remote server. Root cause: insufficient input validation/ sanitization allowing inclusi...

7.5CVSS7.9AI score0.02675EPSS
CVE
CVE
added 2005/12/28 1:0 a.m.50 views

CVE-2005-4530

CVE-2005-4530 : Affected product is AlstraSoft EPay Enterprise 3.0 (formerly DoPays). The issue is multiple cross-site scripting (XSS) vulnerabilities in pages such as profile.htm, card.htm, bank.htm, subscriptions.htm, send.htm, request.htm, forgot.htm, escrow.htm, donations.htm, and products.ht...

5.1CVSS6.1AI score0.02155EPSS
CVE
CVE
added 2005/04/05 4:0 a.m.49 views

CVE-2005-0981

CVE-2005-0981 describes multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 that allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter. The NVD entry lists a base score of 4.3 (MEDIUM) with network attack vector, no conf...

4.3CVSS6AI score0.01754EPSS
CVE
CVE
added 2006/01/14 1:0 a.m.46 views

CVE-2005-4651

The CVE-2005-4651 entry describes an SQL injection vulnerability in index.php of AlstraSoft EPay Pro 2.0, exploitable via the pmodule parameter to execute arbitrary SQL commands remotely. Affected component: index.php in AlstraSoft EPay Pro 2.0; root cause is injectable SQL through pmodule. Docum...

6.4CVSS8.8AI score0.01058EPSS
CVE
CVE
added 2005/09/21 4:0 a.m.39 views

CVE-2005-3026

The vulnerability CVE-2005-3026 affects Alstrasoft Epay Pro 2.0 and earlier, allowing remote attackers to read arbitrary files through a directory traversal in the read parameter (..). The issue is described in the NVD entry as a directory traversal in index.php. No remediation details are provid...

5CVSS7.1AI score0.03628EPSS