Vulnerabilities > Alstrasoft > Askme PRO
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-06-30 | CVE-2008-2902 | SQL Injection vulnerability in Alstrasoft Askme PRO SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2007-07-30 | CVE-2007-4085 | SQL-Injection vulnerability in AskMe Pro Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php. network alstrasoft | 6.8 |
| 2007-07-30 | CVE-2007-4083 | Cross-Site Scripting vulnerability in AskMe Pro Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php. network alstrasoft | 4.3 |