Vulnerabilities > Globaldatingsoftware

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-09	CVE-2021-41694	Use of Insufficiently Random Values vulnerability in Globaldatingsoftware Premiumdatingscript 4.2.7.7 An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php. network low complexity globaldatingsoftware CWE-330 critical	9.8
2021-12-09	CVE-2021-41695	SQL Injection vulnerability in Globaldatingsoftware Premiumdatingscript 4.2.7.7 An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. network low complexity globaldatingsoftware CWE-89 critical	9.8
2021-12-09	CVE-2021-41696	Weak Password Requirements vulnerability in Globaldatingsoftware Premiumdatingscript 4.2.7.7 An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php. network low complexity globaldatingsoftware CWE-521	6.5
2021-12-09	CVE-2021-41697	Cross-site Scripting vulnerability in Globaldatingsoftware Premiumdatingscript 4.2.7.7 A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script. network low complexity globaldatingsoftware CWE-79	6.1

Vulnerabilities > Globaldatingsoftware {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Globaldatingsoftware"}]}