Globaldatingsoftware Premiumdatingscript — known CVE vulnerabilities
Every CVE whose affected-product data names Globaldatingsoftware Premiumdatingscript, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-41694 — CVSS 9.8 (critical): An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php.
CVE-2021-41695 — CVSS 9.8 (critical): An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. .
CVE-2021-41696 — CVSS 6.5 (medium): An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in…
CVE-2021-41697 — CVSS 6.1 (medium): A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in…