Vulnerabilities > Alstrasoft > Forum PAY PER Post Exchange > 2.0

DATE	CVE	VULNERABILITY TITLE	RISK
2008-01-23	CVE-2008-0440	Credentials Management vulnerability in Alstrasoft Forum PAY PER Post Exchange 2.0 AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in cleartext, which makes it easier for attackers to access user accounts. network low complexity alstrasoft CWE-255	5.0
2008-01-23	CVE-2008-0429	SQL Injection vulnerability in Alstrasoft Forum PAY PER Post Exchange 2.0 SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a forum_catview action. network low complexity alstrasoft CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.