Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:globaldatingsoftware:premiumdatingscript:4.2.7.7:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-41697 |
A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script. Published: December 09, 2021; 11:15:08 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-41696 |
An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php. Published: December 09, 2021; 11:15:08 AM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2021-41695 |
An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. . Published: December 09, 2021; 11:15:08 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2021-41694 |
An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php. Published: December 09, 2021; 11:15:08 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 5.0 MEDIUM |