Vulnerabilities > CVE-2007-4079 - Unspecified vulnerability in Alstrasoft SMS Text Messaging Enterprise
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN alstrasoft
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft SMS Text Messaging Enterprise allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) q parameter to (a) admin/membersearch.php, or (3) the userid parameter to (b) admin/edituser.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description AlstraSoft SMS Text Messaging Enterprise 2.0 admin/membersearch.php Multiple Parameter XSS. CVE-2007-4079 . Webapps exploit for php platform id EDB-ID:30367 last seen 2016-02-03 modified 2007-07-23 published 2007-07-23 reporter Lostmon source https://www.exploit-db.com/download/30367/ title AlstraSoft Sms Text Messaging Enterprise 2.0 admin/membersearch.php Multiple Parameter XSS description AlstraSoft SMS Text Messaging Enterprise 2.0 admin/edituser.php userid Parameter XSS. CVE-2007-4079 . Webapps exploit for php platform id EDB-ID:30368 last seen 2016-02-03 modified 2007-07-23 published 2007-07-23 reporter Lostmon source https://www.exploit-db.com/download/30368/ title AlstraSoft Sms Text Messaging Enterprise 2.0 admin/edituser.php userid Parameter XSS
References
- http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html
- http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html
- http://osvdb.org/37867
- http://osvdb.org/37867
- http://osvdb.org/37868
- http://osvdb.org/37868
- http://www.securityfocus.com/bid/25022
- http://www.securityfocus.com/bid/25022