2 matches found
CVE-2009-2882
CVE-2009-2882 affects PG MatchMaking with multiple XSS flaws allowing remote injection via parameters: show on browse_ladies.php and browse_men.php; gender on search.php; id on services.php. These are documented as cross-site scripting vulnerabilities with a base CVSS v2 score of 4.3 (Medium). Th...
CVE-2008-4665
CVE-2008-4665 affects PG Matchmaking. The vulnerability is a SQL injection in the id parameter of two PHP scripts (news_read.php and gifts_show.php), allowing remote attackers to execute arbitrary SQL commands. Root cause: improper input handling leading to SQL injection. Impact: high (partial co...