Vulnerabilities > CVE-2007-4084 - Unspecified vulnerability in Alstrasoft Affiliate Network PRO 8.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN alstrasoft
exploit available
Summary
Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to execute arbitrary SQL commands via (1) the pgmid parameter in an uploadProducts action to merchants/index.php and possibly (2) the rowid parameter to merchants/temp.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | AlstraSoft Affiliate Network Pro 8.0 merchants/index.php uploadProducts Action pgmid Parameter SQL Injection. CVE-2007-4084. Webapps exploit for php platform |
| id | EDB-ID:30371 |
| last seen | 2016-02-03 |
| modified | 2007-07-23 |
| published | 2007-07-23 |
| reporter | Lostmon |
| source | https://www.exploit-db.com/download/30371/ |
| title | AlstraSoft Affiliate Network Pro 8.0 merchants/index.php uploadProducts Action pgmid Parameter SQL Injection |
References
- http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html
- http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html
- http://osvdb.org/37869
- http://osvdb.org/37869
- http://osvdb.org/37870
- http://osvdb.org/37870
- http://www.securityfocus.com/bid/25026
- http://www.securityfocus.com/bid/25026