CVE-2007-4077

Name of the Vulnerable Software and Affected Versions: AlstraSoft Video Share Enterprise (affected versions not specified)

Description: The issue allows remote attackers to inject arbitrary web script or HTML via various parameters to different PHP files. The vulnerable parameters include msg, page, viewkey, viewtype, next, search id, category, receiver, catgy, channelname, and uname in files such as "view video.php", "signup.php", "search result.php", "video.php", "compose.php", "groups.php", "siteadmin/channels.php", and "siteadmin/muser.php".

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.