Aggregates CVE and security vulnerability intelligence across all globaldatingsoftware-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise and vendor impact data exposure.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-41697 | A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script. | [email protected] | 6.1 | 0.23% | 2021-12-09 | 2024-11-21 |
| CVE-2021-41696 | An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php. | [email protected] | 6.5 | 0.17% | 2021-12-09 | 2024-11-21 |
| CVE-2021-41695 | An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. . | [email protected] | 9.8 | 0.25% | 2021-12-09 | 2024-11-21 |
| CVE-2021-41694 | An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php. | [email protected] | 9.8 | 0.35% | 2021-12-09 | 2024-11-21 |