Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-11148
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat prior to 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.
Synology Chat
6.5
CVSSv3
CVE-2017-15886
Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat prior to 2.0.0-1124 allows remote authenticated users to download arbitrary local files via a crafted URI.
Synology Chat
8.8
CVSSv3
CVE-2021-30480
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated malicious users to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is speci...
Zoom Chat
5.4
CVSSv3
CVE-2017-15892
Multiple cross-site scripting (XSS) vulnerabilities in Slash Command Creator in Synology Chat prior to 2.0.0-1124 allow remote authenticated users to inject arbitrary web script or HTML via (1) COMMAND, (2) COMMANDS INSTRUCTION, or (3) DESCRIPTION parameter.
Synology Chat
8.8
CVSSv3
CVE-2020-36625
A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is bebd256fc30...
Destiny Chat -
NA
CVE-2006-0223
Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows malicious users to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field.
Topcmm Computing 123 Flash Chat Server 5.0
Topcmm Computing 123 Flash Chat Server 5.1
NA
CVE-2006-0418
Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows malicious users to execute arbitrary code via a crafted username.
Topcmm Computing 123 Flash Chat Server 5.0
Topcmm Computing 123 Flash Chat Server 5.1
1 EDB exploit
6.1
CVSSv3
CVE-2014-10386
The wp-live-chat-support plugin prior to 4.1.0 for WordPress has JavaScript injections.
3cx Live Chat
4.8
CVSSv3
CVE-2022-36057
Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting (XSS) attack. Version 0.9 contains a patch...
Discourse Discourse-chat
9.8
CVSSv3
CVE-2018-12426
The WP Live Chat Support Pro plugin prior to 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.
3cx Live Chat
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »