CVE-2007-4087 in Video Share Enterpriseinfo

Summary

AlstraSoft Video Share Enterprise allows remote attackers to obtain sensitive information (the full path) via (1) a (quote) character in the category parameter to view_video.php, or (2) an XSS sequence in the UID parameter to (a) uprofile.php, (b) channel_detail.php, (c) uvideos.php, (d) groups_home.php, or (e) ufriends.php.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

07/30/2007

Disclosure

07/30/2007

Moderation

VulDB entry created

Entries

1: VDB-38094

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.00574

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-4087
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4087
CVE Details	https://www.cvedetails.com/cve/CVE-2007-4087/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!