2 matches found
CVE-2006-3271
The data indicates CVE-2006-3271 affects Softbiz Dating Script 1.0, with multiple SQL injection vulnerabilities in PHP files (search_results.php via country and sort_by; featured_photos.php via browse; products.php, index.php, news_desc.php via cid). The root cause is unsafely interpolated user i...
CVE-2009-2790
CVE-2009-2790 is a SQL injection vulnerability in SoftBiz Dating Script, specifically in cat_products.php where the cid parameter can be exploited to execute arbitrary SQL commands. The entry notes possible overlap with CVE-2006-3271 and provides a high-severity risk (CVSS v2 base score 7.5). The...