Unrated severityNVD Advisory· Published Jul 30, 2007· Updated Apr 23, 2026

CVE-2007-4086

Description

Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parameter to (a) uvideos.php, (b) ugroups.php, (c) uprofile.php, (d) ufavour.php, (e) ufriends.php, or (f) uplaylist.php.

Affected products

Alstrasoft/Video Share Enterprise
cpe:2.3:a:alstrasoft:video_share_enterprise:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.htmlnvdExploit
osvdb.org/37872nvd
osvdb.org/37873nvd
osvdb.org/37874nvd
osvdb.org/37875nvd
osvdb.org/37876nvd
osvdb.org/37877nvd
osvdb.org/37878nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000