Vulnerabilities (CVE)

Filtered by vendor Globaldatingsoftware Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41697 1 Globaldatingsoftware 1 Premiumdatingscript 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script.
CVE-2021-41696 1 Globaldatingsoftware 1 Premiumdatingscript 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php.
CVE-2021-41695 1 Globaldatingsoftware 1 Premiumdatingscript 2024-11-21 7.5 HIGH 9.8 CRITICAL
An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. .
CVE-2021-41694 1 Globaldatingsoftware 1 Premiumdatingscript 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php.