Vulnerabilities > Web4Future > Edating Professional > 5

DATE	CVE	VULNERABILITY TITLE	RISK
2005-12-06	CVE-2005-4034	SQL Injection vulnerability in Web4Future Edating Professional 5 Multiple SQL injection vulnerabilities in Web4Future eDating Professional 5 allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) pg, and (3) sortb parameters to (a) index.php; (4) cid parameter to (b) gift.php and (c) fq.php; and (5) cat parameter to (d) articles.php. network low complexity web4future	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.