Lucene search
K
AewebworksAedating

5 matches found

CVE
CVE
added 2006/09/19 7:0 p.m.58 views

CVE-2006-4870

CVE-2006-4870 describes multiple PHP remote file inclusion vulnerabilities in AEDating 4.1 (and possibly earlier). A remote attacker can execute arbitrary PHP code by supplying a URL in the dir[inc] parameter targeting inc/design.inc.php or inc/admin_design.inc.php. The vulnerability’s impact is ...

7.5CVSS8.1AI score0.09867EPSS
CVE
CVE
added 2006/06/28 10:0 p.m.56 views

CVE-2006-3279

CVE-2006-3279 describes a cross-site scripting (XSS) vulnerability in aeDating 4.1. The affected application exposes three vulnerable input points: the Sex parameter in index.php, the ProfileType parameter in join_form.php, and the Email parameter in forgot.php. These allow remote attackers to in...

4.3CVSS6AI score0.01317EPSS
CVE
CVE
added 2005/04/12 4:0 a.m.53 views

CVE-2005-1083

CVE-2005-1083 concerns index.php in aeDating 3.2, where an attacker can remotely include arbitrary files via the skin parameter. This is a plain file inclusion vulnerability and results in arbitrary file inclusion. Context from multiple sources (NVD/Red Hat/CVE records) confirms the affected prod...

5CVSS7.2AI score0.01053EPSS
CVE
CVE
added 2005/09/19 4:0 a.m.50 views

CVE-2005-2985

The CVE refers to a SQL injection vulnerability in AEwebworks aeDating Script 4.0 and earlier, exploitable via the Country parameter in search_result.php. The root cause is unsanitized user input leading to arbitrary SQL execution; affected product versions are aeDating Script 4.0 and earlier. Im...

7.5CVSS8.6AI score0.01162EPSS
CVE
CVE
added 2005/04/12 4:0 a.m.42 views

CVE-2005-1084

The CVE describes an SQL injection in aeDating 3.2 involving sdating.php where the event parameter can be exploited by remote attackers to execute arbitrary SQL commands. Affected component: sdating.php within aeDating 3.2. Root cause: improper handling/sanitization of the event parameter leading...

7.5CVSS8.8AI score0.01124EPSS