Alstrasoft » Askme Pro : Security Vulnerabilities, CVEs,
SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-06-30
Updated
2017-09-29
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.
Max CVSS
6.8
EPSS Score
0.14%
Published
2007-07-30
Updated
2009-04-14
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php.
Max CVSS
4.3
EPSS Score
0.27%
Published
2007-07-30
Updated
2008-11-15
3 vulnerabilities found