CVE-2021-41696

An authentication bypass account takeover vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php...

CVE-2021-41696

The CVE-2021-41696 entry concerns Premiumdatingscript 4.2.7.7, where an authentication bypass/account takeover arises from a weak password reset mechanism in requests\user.php. This vulnerability enables bypassing authentication without user interaction,典ically allowing unauthorized access and po...

CVE-2021-41695

An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php...

CVE-2021-41695

CVE-2021-41695 affects Premiumdatingscript 4.2.7.7, with the vulnerability occurring via the ip parameter in connect.php. The issue is an SQL injection caused by unsafely handling external input, potentially allowing an attacker to execute arbitrary SQL commands and access sensitive data. The con...

CVE-2021-41694

CVE-2021-41694 affects Premiumdatingscript 4.2.7.7, with an Incorrect Access Control condition exposed through the password change procedure in requests\user.php. The vulnerability enables improper access control to the password change flow, as described in multiple sources (Red Hat, CNVD/CNNVD, ...

CVE-2021-41694

An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php...

PT-2021-23378 · Unknown · Premiumdatingscript

Name of the Vulnerable Software and Affected Versions: Premiumdatingscript version 4.2.7.7 Description: An issue exists due to incorrect access control in the password change procedure. This issue is specifically found in the requestsuser.php file. Recommendations: For Premiumdatingscript version...