Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-4081

EPSS 1.99% · P84
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-4081

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to inject arbitrary web script or HTML via vectors in (a) merchants/index.php, including the (1) id or (2) msg parameter in a programedit action; the (3) pgmid parameter in an uploadProducts action; the (4) d, (5) m, or (6) y parameter in a daily action; the (7) err parameter in a ProgramReport action; the (8) i, (9) txtto, (10) txtfrom, or (11) programs parameter in a LinkReport action; or the (12) msg parameter in an add_money action; and one vector in (b) merchants/temp.php using (13) the rowid parameter. NOTE: vector 7 might overlap CVE-2005-3795.1.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
AlstraSoft Affiliate Network Pro 多个输入验证漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AlstraSoft Affiliate Network Pro中存在多个跨站脚本攻击漏洞。远程攻击者可以借助(a)merchants/index.php,包括(1)id或(2)一个programedit操作的msg参数;(3)一个uploadProducts操作中的pgmid参数中的向量;(4)d,(5)m,或(6)一个daily操作中的y参数;(7)一个ProgramReport操作中的err参数;(8)i,(9)txtto,(10)txtfrom,或(11)一个LinkReport参数中的progr
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2007-4081

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2007-4081

Please Login to view more intelligence information

Same Patch Batch · n/a · 2007-07-30 · 50 CVEs total

CVE-2007-4085AlstraSoft AskMe Pro 多个参数的SQL注入漏洞
CVE-2007-4092iFoto index.php 目录遍历漏洞
CVE-2007-4096Tor 多个漏洞和信息泄露错误
CVE-2007-4097Tor 多个漏洞和信息泄露错误
CVE-2007-4098Tor 多个漏洞和信息泄露错误
CVE-2007-4099Tor 多个漏洞和信息泄露错误
CVE-2007-3387Freedesktop Poppler 输入验证错误漏洞
CVE-2007-4095BSM Store Dependent Forums UserName Parameter SQL注入漏洞
CVE-2007-4087AlstraSoft Video Share 多个参数的远程攻击漏洞
CVE-2007-4086AlstraSoft Video Share 多个参数的SQL注入漏洞
CVE-2007-4088Vikingboard 多个跨站脚本攻击漏洞
CVE-2007-4084AlstraSoft Affiliate Network Pro 多个输入验证漏洞
CVE-2007-4083AlstraSoft AskMe Pro 多个跨站脚本漏洞
CVE-2007-4082AlstraSoft Article Manager Pro contact_author.php 跨站脚本漏洞
CVE-2007-4080AlstraSoft E-Friends index.php 跨站脚本漏洞
CVE-2007-4079AlstraSoft SMS Text Messaging Enterprise 多个跨站脚本攻击漏洞
CVE-2007-4078AlstraSoft Text Ads Enterprise 多个跨站脚本攻击漏洞
CVE-2007-4077AlstraSoft Video Share 多个跨站脚本漏洞
CVE-2007-4076Alisveris Sitesi Scripti Index.ASP SQL注入漏洞
CVE-2007-4075Alisveris Sitesi Scripti Index.ASP 跨站脚本攻击漏洞

Showing top 20 of 50 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2007-4081

No comments yet

Leave a comment