Azerbaijan Development Group : Security Vulnerabilities, CVEs,
Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.
Max CVSS
4.3
EPSS Score
5.94%
Published
2007-07-15
Updated
2018-10-15
Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admin/index.php.
Max CVSS
10.0
EPSS Score
10.02%
Published
2006-04-13
Updated
2018-10-18
Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement.
Max CVSS
7.5
EPSS Score
5.62%
Published
2005-09-16
Updated
2017-07-11
Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php.
Max CVSS
7.5
EPSS Score
1.14%
Published
2005-04-09
Updated
2018-10-19
Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Max CVSS
4.3
EPSS Score
0.37%
Published
2005-05-02
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php.
Max CVSS
4.3
EPSS Score
0.72%
Published
2004-12-31
Updated
2017-07-11
6 vulnerabilities found