CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-4079

Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft SMS Text Messaging Enterprise allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) q parameter to (a) admin/membersearch.php, or (3) the userid parameter to (b) admin/edituser.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.024

EPSS Ranking 84.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html
http://osvdb.org/37867
http://osvdb.org/37868
http://www.securityfocus.com/bid/25022
http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html
http://osvdb.org/37867
http://osvdb.org/37868
http://www.securityfocus.com/bid/25022

Products affected by CVE-2007-4079

Alstrasoft » Sms Text Messaging Enterprise » Version: Any

cpe:2.3:a:alstrasoft:sms_text_messaging_enterprise:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-4079

Products

Pricing

Contact Us