header-logo
Suggest Exploit
vendor:
AzDGDatingLite
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: AzDGDatingLite
Affected Version From: 2.1.2001
Affected Version To: 2.1.2001
Patch Exists: NO
Related CWE:
CPE: a:azdg:azdgdatinglite:2.1.1
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Cross-Site Scripting Vulnerabilities in AzDGDatingLite

The vulnerabilities in AzDGDatingLite can be exploited by enticing a user to visit a malicious link containing hostile HTML and script code. This can lead to theft of authentication credentials or other attacks.

Mitigation:

Implement input sanitization to prevent the execution of malicious scripts. Regularly update to the latest version of AzDGDatingLite.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10084/info

Multiple cross-site scripting vulnerabilities have been reported in AzDGDatingLite. These issues may be exploited by enticing a victim user to visit a malicious link that includes hostile HTML and script code.

Exploitation could facilitate theft of cookie-based authentication credentials or other attacks.

This issue was reported in AzDGDatingLite 2.1.1. It is not known if earlier versions or commercial releases which share the same code base are affected, such as AzDGDatingPlatinum or AzDGDatingGold. 

http://www.example.com/azdlite/index.php?l=en"><script>alert(document.cookie);</script>

Navigation

Suggest Exploit

Services By CQR