Azerbaijan Development Group » Azdgdating : Security Vulnerabilities, CVEs,
Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.
Max CVSS
4.3
EPSS Score
6.02%
Published
2007-07-15
Updated
2018-10-15
Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement.
Max CVSS
7.5
EPSS Score
5.62%
Published
2005-09-16
Updated
2017-07-11
Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php.
Max CVSS
7.5
EPSS Score
1.14%
Published
2005-04-09
Updated
2018-10-19
Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Max CVSS
4.3
EPSS Score
0.37%
Published
2005-05-02
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php.
Max CVSS
4.3
EPSS Score
0.72%
Published
2004-12-31
Updated
2017-07-11
5 vulnerabilities found