Video Share Enterprise
Approved changes feed: RSS · Atom
cpe:2.3:a:alstrasoft:video_share_enterprise:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Alstrasoft (a4963e9f-6c7e-59f9-91ba-7bec89015e6d) |
|---|---|
| Product | Video Share Enterprise (f4efe33e-e13e-5789-9bd1-7f9b66ad098f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2007-4087 |
vulnerable | 2026-06-03 14:28:17.770268 |
Details available
AlstraSoft Video Share Enterprise allows remote attackers to obtain sensitive information (the full path) via (1) a ' (quote) character in the category parameter to view_video.php, or (2) an XSS sequence in the UID parameter to (a) uprofile.php, (b) channel_detail.php, (c) uvideos.php, (d) groups_home.php, or (e) ufriends.php.
Published: 2007-07-30T17:00:00.000Z
Updated: 2024-08-07T14:46:38.508Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-4086 |
vulnerable | 2026-06-03 14:28:17.769947 |
Details available
Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parameter to (a) uvideos.php, (b) ugroups.php, (c) uprofile.php, (d) ufavour.php, (e) ufriends.php, or (f) uplaylist.php.
Published: 2007-07-30T17:00:00.000Z
Updated: 2024-08-07T14:46:37.290Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-4077 |
vulnerable | 2026-06-03 14:28:17.759115 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to inject arbitrary web script or HTML via the (1) msg, (2) page, (3) viewkey, or (4) viewtype parameter to (a) view_video.php; the (5) next parameter to (b) signup.php; the (6) search_id parameter to (c) search_result.php; the (7) category or (8) page parameter to (d) video.php; the (9) receiver parameter to (e) compose.php; the (10) catgy parameter to (f) groups.php; the (11) channelname parameter to (g) siteadmin/channels.php; or the (12) uname parameter to (h) siteadmin/muser.php.
Published: 2007-07-30T17:00:00.000Z
Updated: 2024-08-07T14:37:06.225Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2018 |
vulnerable | 2026-06-03 14:28:07.275086 |
Details available
SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
Published: 2007-04-12T19:00:00.000Z
Updated: 2024-08-07T13:13:42.128Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2017 |
vulnerable | 2026-06-03 14:28:07.274679 |
Details available
siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information via a direct request.
Published: 2007-04-12T19:00:00.000Z
Updated: 2024-08-07T13:13:42.034Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.