Filtered by vendor Globaldatingsoftware Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-41695 1 Globaldatingsoftware 1 Premiumdatingscript 2024-08-04 9.8 Critical
An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. .
CVE-2021-41697 1 Globaldatingsoftware 1 Premiumdatingscript 2024-08-04 6.1 Medium
A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script.
CVE-2021-41694 1 Globaldatingsoftware 1 Premiumdatingscript 2024-08-04 9.8 Critical
An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php.
CVE-2021-41696 1 Globaldatingsoftware 1 Premiumdatingscript 2024-08-04 6.5 Medium
An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php.