Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Cross-Site Scripting Vulnerabilities in AzDGDatingLite - exploit.company
header-logo
Suggest Exploit
vendor:
AzDGDatingLite
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: AzDGDatingLite
Affected Version From: 2.1.2001
Affected Version To: 2.1.2001
Patch Exists: NO
Related CWE:
CPE: a:azdg:azdgdatinglite:2.1.1
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Cross-Site Scripting Vulnerabilities in AzDGDatingLite

The vulnerabilities in AzDGDatingLite can be exploited by enticing a user to visit a malicious link containing hostile HTML and script code. This can lead to theft of authentication credentials or other attacks.

Mitigation:

Implement input sanitization to prevent the execution of malicious scripts. Regularly update to the latest version of AzDGDatingLite.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10084/info

Multiple cross-site scripting vulnerabilities have been reported in AzDGDatingLite. These issues may be exploited by enticing a victim user to visit a malicious link that includes hostile HTML and script code.

Exploitation could facilitate theft of cookie-based authentication credentials or other attacks.

This issue was reported in AzDGDatingLite 2.1.1. It is not known if earlier versions or commercial releases which share the same code base are affected, such as AzDGDatingPlatinum or AzDGDatingGold. 

http://www.example.com/azdlite/index.php?l=en"><script>alert(document.cookie);</script>

Navigation

Suggest Exploit

Services By CQR