|
Description
|
|
Two vulnerabilities have been identified in V3 Chat Profiles/Dating Script, which could be exploited by remote attackers to bypass security restrictions.
The first issue is caused by a design error in various scripts that rely on cookie names and parameters to authenticate users, which could be exploited by attackers to gain unauthorized access to administrative scripts via a specially crafted cookie.
The second vulnerability is caused by an input validation error in the administrative interface when processing user-supplied login credentials, which could be exploited by malicious people to conduct SQL injection attacks and gain access to administrative scripts.
|
