Vulnerabilities > Azerbaijan Development Group
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-15 | CVE-2007-3792 | Remote File Include vulnerability in Azerbaijan Development Group Azdgdating 3.0.5 Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/. network azerbaijan-development-group | 4.3 |
| 2006-04-13 | CVE-2006-1770 | Remote File Include vulnerability in Azerbaijan Development Group Azdgvote 1.0 Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admin/index.php. | 10.0 |
| 2005-09-16 | CVE-2005-2951 | Directory Traversal vulnerability in Azerbaijan Development Group Azdgdating 2.1.3 Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement. | 7.5 |
| 2005-05-02 | CVE-2005-1081 | Multiple vulnerability in Azerbaijan Development Group Azdgdating 1.1.0 Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. network azerbaijan-development-group | 4.3 |
| 2005-04-09 | CVE-2005-1082 | Multiple vulnerability in Azerbaijan Development Group Azdgdating 1.1.0 Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php. | 7.5 |
| 2004-12-31 | CVE-2004-1911 | Cross-Site Scripting vulnerability in Azerbaijan Development Group Azdgdating 2.1.1 Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php. network azerbaijan-development-group | 4.3 |