Launchpad.net

CVE 2009-4699

Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/auth.php and (2) file_uploader.php.

See the CVE page on Mitre.org for more details.

References