GCVE - cpe:2.3:a:alstrasoft:e-friends:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:alstrasoft:e-friends:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Alstrasoft (`a4963e9f-6c7e-59f9-91ba-7bec89015e6d`)
Product	E Friends (`64262862-6570-543f-82d0-dda16eb2caad`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2007-6106`	vulnerable	2026-06-03 14:28:28.655028	Details available SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and earlier allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewevent action. Published: 2007-11-23T20:00:00.000Z Updated: 2024-08-07T15:54:26.786Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2007/3964 http://www.securityfocus.com/archive/1/484056/100/0/threaded http://secunia.com/advisories/27766 https://www.exploit-db.com/exploits/4641 http://advisories.echo.or.id/adv/adv85-K-159-2007.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-2824`	vulnerable	2026-06-03 14:28:09.591449	Details available SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and earlier allows remote attackers to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php. Published: 2007-05-22T21:00:00.000Z Updated: 2024-08-07T13:49:57.518Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/34400 https://www.exploit-db.com/exploits/3956 http://osvdb.org/38056 http://www.securityfocus.com/bid/24067	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.