本ページは scriptsez.net e-dating_system に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2006-7061 | Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks. | [email protected] | 9.3 | 0.88% | 2007-02-24 | 2026-04-23 |
| CVE-2006-7060 | cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message. | [email protected] | 5.0 | 0.46% | 2007-02-24 | 2026-04-23 |
| CVE-2006-7059 | Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net E-Dating System allow remote attackers to inject arbitrary web script or HTML via encoded entities (') in IMG tags to (1) messages, (2) profile fields, or (3) the id parameter in a dologin operation to cindex.php. | [email protected] | 4.3 | 0.52% | 2007-02-24 | 2026-04-23 |