Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web chat vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-2282
Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the avatar parameter in register.php.
X7 Group X7 Chat 2.0.2
NA
CVE-2022-2039
The Free Live Chat Support plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.11. This is due to missing nonce protection on the livesupporti_settings() function found in the ~/livesupporti.php file. This makes it possible for un...
Livesupporti Free Live Chat Support
2.1
CVSSv2
CVE-2006-0917
Melange Chat Server (aka M-Chat), when accessed via a web browser, automatically sends cookies and other sensitive information for a server to any port specified in the associated link, which allows local users on that server to read the cookies from HTTP headers and possibly gai...
Melange Melange Chat System 1.10
4.3
CVSSv2
CVE-2004-2465
Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Efs Software Easy Chat Server 1.2
6.8
CVSSv2
CVE-2004-0673
Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote malicious users to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message.
Simm-comm Sci Photo Chat 3.4.9
1 EDB exploit
4.3
CVSSv2
CVE-2021-34656
The 2Way VideoCalls and Random Chat - HTML5 Webcam Videochat WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the `vws_notice` function found in the ~/inc/requirements.php file which allows malicious users to inject arbitrary web scripts, in versions up to and...
Videowhisper 2way Videocalls And Random Chat
7.8
CVSSv2
CVE-2006-6933
Easy Chat Server 2.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download certain files via direct requests to files such as (1) ServerKey.pem and (2) AcceptIP.txt. NOTE: The provenance of this informati...
Efs Software Easy Chat Server 2.1
NA
CVE-2023-5740
The Live Chat with Facebook Messenger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'messenger' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attr...
Ninjateam Live Chat With Facebook Messenger
4.3
CVSSv2
CVE-2015-7782
Cross-site scripting (XSS) vulnerability in Let's PHP! Frame high-speed chat prior to 2015-09-22 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Let\\'s Php\\! Frame High-speed Chat -
4.3
CVSSv2
CVE-2019-1870
A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. T...
Cisco Enterprise Chat And Email 11.6\\(1\\)es6
Cisco Enterprise Chat And Email 11.6\\(1\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »