Vulnerabilities > Datingpro
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-20 | CVE-2009-2882 | Cross-Site Scripting vulnerability in Datingpro Matchmaking Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) browse_ladies.php and (2) browse_men.php, the (3) gender parameter to search.php, and the (4) id parameter to services.php. | 4.3 |
2008-10-22 | CVE-2008-4665 | SQL Injection vulnerability in Datingpro Matchmaking SQL injection vulnerability in PG Matchmaking allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) news_read.php and (2) gifts_show.php. | 7.5 |