VYPR

SkaDate Dating

by Skadate

CVEs (2)

  • CVE-2007-5299Oct 9, 2007
    risk 0.04cvss epss 0.08

    Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a .. (dot dot) in the view_mode parameter to (1) featured_list.php and (2) online_list.php in member/.

  • CVE-2009-4699Mar 15, 2010
    risk 0.03cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/auth.php and (2) file_uploader.php.