27 matches found
CVE-2008-0230
CVE-2008-0230 describes a PHP remote file inclusion vulnerability in the file php121db.php used by osDate 2.0.8 (and possibly earlier versions). An attacker can pass a URL in the php121dir parameter to cause the vulnerable script to include remote PHP code, potentially enabling arbitrary code exe...
osDate 1.1.7 multiple vulnerabilities
/ osDate 1.1.7 advisory / Date of written Advisory: ------------------------- July, 18 2006 Product: -------- OSdate = 1.1.7 Vendor: ------- http://tufat.com/ Description: ------------ osDate is a full fledged dating script which can be eaily integrated with phpBB and flashChat, and provides...
CVE-2006-3767
Cross-site scripting XSS vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the onerror attribute in an HTML IMG tag with a non-existent source file in txtcomment parameter, which is used when...
CVE-2006-3766
Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10...
CVE-2006-3766
Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10...
CVE-2006-3767
Cross-site scripting XSS vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the onerror attribute in an HTML IMG tag with a non-existent source file in txtcomment parameter, which is used when...
CVE-2006-3766
The CVE-2006-3766 entry affects Darren's $5 Script Archive osDate, specifically versions 1.1.7 and earlier. The vulnerability arises in the txtrating parameter, where a score can be set higher than the intended maximum of 10, enabling users to boost their own ratings. The available connected docu...