3 matches found
CVE-2006-7061
CVE-2006-7061 affects Scriptsez.net E-Dating System. The vulnerability stems from storing data files with predictable names under the web document root and insufficient access control, enabling remote attackers to read private messages and potentially leverage them for XSS. The connected document...
CVE-2006-7059
CVE-2006-7059 affects Scriptsez.net E-Dating System. The issue is multiple cross-site scripting (XSS) vulnerabilities that let remote attackers inject arbitrary script/HTML via encoded entities (') in IMG tags to (1) messages, (2) profile fields, or (3) the id parameter in a dologin opera...
CVE-2006-7060
The CVE-2006-7060 entry concerns the Scriptsez.net E-Dating System, specifically the file/component cindex.php. Affected behavior is a remote disclosure where an invalid id parameter in a dologin action causes an error message that reveals the full filesystem path, leading to potential informatio...