17 matches found
CVE-2025-63645
A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the application's message system. Unsanitized message content submitted by one user is persisted by the server and later rendered in another user's Inbox view without appropriate context-aware...
EUVD-2006-7041
Malware in sbrugna...
EUVD-2006-7042
Malware in sbrugna...
EUVD-2006-7043
Malware in sbrugna...
Code Execution Vulnerability in OElove Wedding Dating System v5.6
OElove wedding dating system is based on OEdev OEdev based on independent research and development of the OEPHP architecture system, launched a set of localized operation of the wedding, dating theme class of free dating website system. A code execution vulnerability exists in OElove Wedding Dati...
Boonex Dolphin has multiple vulnerabilities
Boonex Dolphin is an open source dating community system from Boonex Australia. The system includes modules for online audio and video chat, video sharing and personal blogs. An authentication bypass and remote code execution vulnerability exists in Boonex Dolphin 7.3.2 and earlier versions, whic...
Boonex Dolphin Authentication Bypass Vulnerability
Boonex Dolphin is an open source dating community system from Boonex Australia. The system includes modules for online audio and video chat, video sharing and personal blogs. An authentication bypass vulnerability exists in Boonex Dolphin 7.3.2 and earlier versions, which can be exploited by...
Water-like moonlight Dating system 2 0 1 0 injection vulnerability-vulnerability warning-the black bar safety net
In the program getpass. asp this file. if request. QueryString"action"="rsend" then if request"uname"="" or request"uemail"="" then response. Write"scriptalert’please input login user name and registered e-mail address’;history. back;/script" end if if request"upass1"="" or request"upass2"="" the...
CVE-2006-7061
Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting XSS attacks...
CVE-2006-7060
cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message...
CVE-2006-7059
Multiple cross-site scripting XSS vulnerabilities in Scriptsez.net E-Dating System allow remote attackers to inject arbitrary web script or HTML via encoded entities &0000039 in IMG tags to 1 messages, 2 profile fields, or 3 the id parameter in a dologin operation to cindex.php...
CVE-2006-7061
Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting XSS attacks...
CVE-2006-7060
cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message...
CVE-2006-7059
Multiple cross-site scripting XSS vulnerabilities in Scriptsez.net E-Dating System allow remote attackers to inject arbitrary web script or HTML via encoded entities &0000039 in IMG tags to 1 messages, 2 profile fields, or 3 the id parameter in a dologin operation to cindex.php...
CVE-2006-7061
CVE-2006-7061 affects Scriptsez.net E-Dating System. The vulnerability stems from storing data files with predictable names under the web document root and insufficient access control, enabling remote attackers to read private messages and potentially leverage them for XSS. The connected document...
CVE-2006-7060
The CVE-2006-7060 entry concerns the Scriptsez.net E-Dating System, specifically the file/component cindex.php. Affected behavior is a remote disclosure where an invalid id parameter in a dologin action causes an error message that reveals the full filesystem path, leading to potential informatio...
CVE-2006-7059
CVE-2006-7059 affects Scriptsez.net E-Dating System. The issue is multiple cross-site scripting (XSS) vulnerabilities that let remote attackers inject arbitrary script/HTML via encoded entities (') in IMG tags to (1) messages, (2) profile fields, or (3) the id parameter in a dologin opera...