CVE-2006-3271

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/06/2006
Last modified:
03/04/2025

Description

Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote attackers to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) index.php, and (e) news_desc.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:softbiz:dating_script:1.0:*:*:*:*:*:*:*