RSS   Vulnerabilities for 'Azdgdating'   RSS

2007-07-15
 
CVE-2007-3792

CWE-Other
 

 
Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.

 
2005-09-16
 
CVE-2005-2951

 

 
Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement.

 
2005-04-09
 
CVE-2005-1082

CWE-Other
 

 
Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php.

 
2005-05-02
 
CVE-2005-1081

 

 
Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

 
2004-12-31
 
CVE-2004-1911

 

 
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php.

 

 >>> Vendor: Azerbaijan development group 2 Products
Azdgdating
Azdgvote


Copyright 2024, cxsecurity.com

 

Back to Top