Vld Interactive Vldpersonals vulnerabilities
2 known vulnerabilities affecting vld_interactive/vldpersonals.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2014-9005P3HIGHCVSS 7.5PoC≤ 2.72014-11-20
CVE-2014-9005 [HIGH] CWE-89 CVE-2014-9005: Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 allow remote attackers to execut
Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 allow remote attackers to execute arbitrary SQL commands via the (1) country, (2) gender1, or ((3) gender2 parameter in a search action to index.php.
nvd
CVE-2014-9004P4MEDIUMCVSS 4.3PoC≤ 2.72014-11-20
CVE-2014-9004 [MEDIUM] CWE-79 CVE-2014-9004: Cross-site scripting (XSS) vulnerability in vldPersonals before 2.7.1 allows remote attackers to inj
Cross-site scripting (XSS) vulnerability in vldPersonals before 2.7.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a member_profile action to index.php.
nvd