Vulnerabilities > Alstrasoft > Video Share Enterprise > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-07-30 | CVE-2008-3386 | SQL Injection vulnerability in Alstrasoft Video Share Enterprise 4.51 SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086. | 7.5 |
| 2007-04-12 | CVE-2007-2017 | Remote vulnerability in AlstraSoft Video Share Enterprise siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information via a direct request. | 7.5 |
| 2006-08-29 | CVE-2006-4443 | Remote File Include vulnerability in Alstrasoft Video Share Enterprise 4.0 PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows remote attackers to execute arbitrary PHP code via a URL in the config[BASE_DIR] parameter. | 7.5 |