VYPR

Ifdate

by Ifusionservices

CVEs (3)

  • CVE-2008-7114Aug 28, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field.

  • CVE-2007-2713May 16, 2007
    risk 0.00cvss epss 0.03

    ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI.

  • CVE-2006-2664May 30, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in iFdate 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password fields, or certain other input text boxes.