CVE-2005-3795

Name of the Vulnerable Software and Affected Versions AlstraSoft Affiliate Network Pro version 7.2

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities are found in the Err parameter in admin/index.php and the firstname and lastname parameters in index.php.

Recommendations For AlstraSoft Affiliate Network Pro version 7.2, consider validating and sanitizing user input for the Err parameter in admin/index.php and the firstname and lastname parameters in index.php to prevent XSS attacks. As a temporary workaround, restrict access to these parameters until a patch is available.