Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2017-15886
Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat prior to 2.0.0-1124 allows remote authenticated users to download arbitrary local files via a crafted URI.
Synology Chat
3.5
CVSSv2
CVE-2017-15892
Multiple cross-site scripting (XSS) vulnerabilities in Slash Command Creator in Synology Chat prior to 2.0.0-1124 allow remote authenticated users to inject arbitrary web script or HTML via (1) COMMAND, (2) COMMANDS INSTRUCTION, or (3) DESCRIPTION parameter.
Synology Chat
NA
CVE-2020-36625
A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is bebd256fc30...
Destiny Chat -
4
CVSSv2
CVE-2017-11148
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat prior to 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.
Synology Chat
9
CVSSv2
CVE-2021-30480
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated malicious users to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is speci...
Zoom Chat
7.5
CVSSv2
CVE-2006-0418
Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows malicious users to execute arbitrary code via a crafted username.
Topcmm Computing 123 Flash Chat Server 5.0
Topcmm Computing 123 Flash Chat Server 5.1
1 EDB exploit
5
CVSSv2
CVE-2006-0223
Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows malicious users to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field.
Topcmm Computing 123 Flash Chat Server 5.0
Topcmm Computing 123 Flash Chat Server 5.1
7.5
CVSSv2
CVE-2019-1010104
TechyTalk Quick Chat WordPress Plugin All up to the latest is affected by: SQL Injection. The impact is: Access to the database. The component is: like_escape is used in Quick-chat.php line 399. The attack vector is: Crafted ajax request.
Techytalk Quick Chat
5.8
CVSSv2
CVE-2010-0217
Zeacom Chat Server prior to 5.1 uses too short a random string for the JSESSIONID value, which makes it easier for remote malicious users to hijack sessions or cause a denial of service (Chat Server crash or Tomcat daemon crash) via a brute-force attack.
Zeacom Chat Server
7.5
CVSSv2
CVE-2018-12426
The WP Live Chat Support Pro plugin prior to 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.
3cx Live Chat
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »