Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web chat vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2670
Multiple cross-site scripting (XSS) vulnerabilities in ChatPat 1.0 allow remote malicious users to inject arbitrary web script or HTML via a chat message in (1) fastchat.php and (2) fastshow.php.
Calendarscripts.com Chatpat 1.0
5.4
CVSSv3
CVE-2022-45033
A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field.
Oretnom23 Expense Tracker 1.0
NA
CVE-2004-1511
Hotfoon 4.0 does not notify users before opening links in web browsers, which could allow remote malicious users to execute arbitrary code via a certain link sent in a chat window.
NA
CVE-2003-1540
WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain authentication information via a direct request to (1) !pwds.txt and (2) !nicks.txt.
Wfchat Wfchat 1.0
1 EDB exploit
NA
CVE-2004-2355
Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) prior to 2.7.4 allows remote malicious users to inject arbitrary web script or HTML via the name field of a livehelp or chat session.
Crafty Syntax Live Help Crafty Syntax Live Help 2.7.3
1 EDB exploit
NA
CVE-2004-1802
Chat Anywhere 2.72 and previous versions allows remote malicious users to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page.
NA
CVE-2024-2956
The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20231101 due to insufficient input sanitization and output escaping. This makes it possible for auth...
5.4
CVSSv3
CVE-2022-44955
webtareas 2.4p5 exists to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field.
Webtareas Project Webtareas 2.4
NA
CVE-2005-1189
Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the chat name, as demonstrated by using an IFRAME to redirect users to other sites.
Webcamxp Webcamxp Pro
NA
CVE-2014-3863
Cross-site scripting (XSS) vulnerability in the JChatSocial component prior to 2.3 for Joomla! allows remote malicious users to inject arbitrary web script or HTML via the filename parameter in a file upload in an active JChat chat window.
J\\!extensions Store Jchatsocial
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »