Skip to main content

Premiumdatingscript

4 CVEs product

Monthly

CVE-2021-41697 MEDIUM POC This Month

A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Premiumdatingscript
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-41696 MEDIUM POC This Month

An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Brute Force Authentication Bypass Premiumdatingscript
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-41695 CRITICAL POC Act Now

An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Premiumdatingscript
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-41694 CRITICAL POC Act Now

An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Premiumdatingscript
NVD
CVSS 3.1
9.8
EPSS
1.3%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Premiumdatingscript
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\user.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Brute Force Authentication Bypass +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Premiumdatingscript
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Premiumdatingscript
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy