Filtered by vendor Globaldatingsoftware
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41697 | 1 Globaldatingsoftware | 1 Premiumdatingscript | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script. | |||||
| CVE-2021-41696 | 1 Globaldatingsoftware | 1 Premiumdatingscript | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php. | |||||
| CVE-2021-41695 | 1 Globaldatingsoftware | 1 Premiumdatingscript | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. . | |||||
| CVE-2021-41694 | 1 Globaldatingsoftware | 1 Premiumdatingscript | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php. | |||||