Template Seller

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:alstrasoft:template_seller:3.25:*:pro:*:*:*:*:*

part: a version: 3.25 update: *

VendorAlstrasoft (a4963e9f-6c7e-59f9-91ba-7bec89015e6d)
ProductTemplate Seller (11214aae-9737-5ca2-a527-ef03bca336b3)
Editionpro
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2006-4591 vulnerable 2026-06-03 14:27:43.338032 Details available
Multiple PHP remote file inclusion vulnerabilities in AlstraSoft Template Seller, and possibly AltraSoft Template Seller Pro 3.25, allow remote attackers to execute arbitrary PHP code via a URL in the config[template_path] parameter to (1) payment/payment_result.php or (2) /payment/spuser_result.php.
Published: 2006-09-06T22:00:00.000Z
Updated: 2024-08-07T19:14:47.574Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-3798 vulnerable 2026-06-03 14:27:11.355854 Details available
SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary SQL commands via the username field.
Published: 2005-11-24T11:00:00.000Z
Updated: 2024-08-07T23:24:36.249Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-3797 vulnerable 2026-06-03 14:27:11.355430 Details available
PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter.
Published: 2005-11-24T11:00:00.000Z
Updated: 2024-08-07T23:24:36.539Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.