Vulnerabilities > Alstrasoft > Askme PRO > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-30 | CVE-2007-4085 | SQL-Injection vulnerability in AskMe Pro Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php. network alstrasoft | 6.8 |
| 2007-07-30 | CVE-2007-4083 | Cross-Site Scripting vulnerability in AskMe Pro Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php. network alstrasoft | 4.3 |