Alstrasoft » Askme Pro : Security Vulnerabilities, CVEs,

CVE-2008-2902

SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-06-30
Updated
2017-09-29

CVE-2007-4085

Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.
Max CVSS
6.8
EPSS Score
0.14%
Published
2007-07-30
Updated
2009-04-14

CVE-2007-4083

Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php.
Max CVSS
4.3
EPSS Score
0.27%
Published
2007-07-30
Updated
2008-11-15
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close