Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-15886
Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat prior to 2.0.0-1124 allows remote authenticated users to download arbitrary local files via a crafted URI.
Synology Chat
5.4
CVSSv3
CVE-2017-15892
Multiple cross-site scripting (XSS) vulnerabilities in Slash Command Creator in Synology Chat prior to 2.0.0-1124 allow remote authenticated users to inject arbitrary web script or HTML via (1) COMMAND, (2) COMMANDS INSTRUCTION, or (3) DESCRIPTION parameter.
Synology Chat
8.8
CVSSv3
CVE-2021-30480
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated malicious users to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is speci...
Zoom Chat
8.8
CVSSv3
CVE-2020-36625
A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is bebd256fc30...
Destiny Chat -
6.5
CVSSv3
CVE-2017-11148
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat prior to 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.
Synology Chat
NA
CVE-2006-0418
Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows malicious users to execute arbitrary code via a crafted username.
Topcmm Computing 123 Flash Chat Server 5.0
Topcmm Computing 123 Flash Chat Server 5.1
1 EDB exploit
NA
CVE-2006-0223
Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows malicious users to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field.
Topcmm Computing 123 Flash Chat Server 5.0
Topcmm Computing 123 Flash Chat Server 5.1
4.8
CVSSv3
CVE-2022-36057
Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting (XSS) attack. Version 0.9 contains a patch...
Discourse Discourse-chat
NA
CVE-2001-0581
Spytech Spynet Chat Server 6.5 allows a remote malicious user to create a denial of service (crash) via a large number of connections to port 6387.
Spytech Spynet Chat
1 EDB exploit
4.8
CVSSv3
CVE-2023-32292
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GetButton Chat Button by GetButton.Io plugin <= 1.8.9.4 versions.
Getbutton Chat Button
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »