Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stephen craton chatness vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2007-2149
Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions stores usernames and unencrypted passwords in (1) classes/vars.php and (2) classes/varstuff.php, and recommends 0666 or 0777 permissions for these files, which allows local users to gain privileges by reading the ...
Stephen Craton Chatness
1 EDB exploit
1000
VMScore
CVE-2007-2147
admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions does not check for administrative credentials, which allows remote malicious users to read and modify the classes/vars.php and classes/varstuff.php configuration files via direct requests.
Stephen Craton Chatness
1 EDB exploit
655
VMScore
CVE-2007-2148
Direct static code injection vulnerability in admin/save.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, wh...
Stephen Craton Chatness
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started