3 matches found
CVE-2006-3284
CVE-2006-3284 describes an XSS vulnerability in Dating Agent PRO 4.7.1. Affected component: login parameter in webmaster/index.php and search.php, enabling injection of arbitrary web script/HTML. The NVD entry records CVSSv2 base score 2.6 (LOW) with network attack, high complexity, no authentica...
CVE-2006-3282
The CVE-2006-3282 entry affects Dating Agent PRO 4.7.1, where the file requirements.php can be accessed directly to invoke phpinfo. This allows remote attackers to obtain sensitive information through a direct request, constituting an information disclosure vulnerability. The NVD entry confirms a...
CVE-2006-3283
CVE-2006-3283 describes an SQL injection vulnerability in Dating Agent PRO 4.7.1. The flaw allows remote attackers to inject arbitrary SQL via specific parameters: pid (picture.php), mid (mem.php), and sex/relationship (search.php). This can lead to unauthorized database access or manipulation as...