Azerbaijan Development Group Azdgdating vulnerabilities
5 known vulnerabilities affecting azerbaijan_development_group/azdgdating.
Total CVEs
5
CISA KEV
0
Public exploits
5
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2005-2951P3HIGHCVSS 7.5PoCv2.1.32005-09-16
CVE-2005-2951 [HIGH] CVE-2005-2951: Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier
Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement.
nvd
CVE-2005-1082P3HIGHCVSS 7.5PoCv1.1.02005-04-09
CVE-2005-1082 [HIGH] CVE-2005-1082: Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execut
Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php.
nvd
CVE-2007-3792P3MEDIUMCVSS 4.3PoCv3.0.52007-07-15
CVE-2007-3792 [MEDIUM] CVE-2007-3792: Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers
Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.
nvd
CVE-2004-1911P4MEDIUMCVSS 4.3PoCv2.1.12004-12-31
CVE-2004-1911 [MEDIUM] CVE-2004-1911: Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject a
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php.
nvd
CVE-2005-1081P4MEDIUMCVSS 4.3PoCv1.1.02005-05-02
CVE-2005-1081 [MEDIUM] CVE-2005-1081: Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attac
Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
nvd