2 matches found
phpDatingClub 'search.php' Cross-Site Scripting and SQL Injection Vulnerabilities
phpDatingClub is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the applicatio...
CVE-2009-2178
CVE-2009-2178 is a documented cross-site scripting (XSS) vulnerability in phpDatingClub 3.7. The affected component is the application’s PHP file website.php , with exploitation possible via the page parameter to inject arbitrary web script or HTML. The vulnerability is reported in the NVD entry ...