Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-10879
The wp-live-chat-support plugin prior to 6.2.02 for WordPress has XSS.
3cx Live Chat
5
CVSSv2
CVE-2001-0581
Spytech Spynet Chat Server 6.5 allows a remote malicious user to create a denial of service (crash) via a large number of connections to port 6387.
Spytech Spynet Chat
1 EDB exploit
6.8
CVSSv2
CVE-2021-43353
The Crisp Live Chat WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the crisp_plugin_settings_page function found in the ~/crisp.php file, which made it possible for malicious users to inject arbitrary web scripts in versions up to...
Crisp Live Chat
7.5
CVSSv2
CVE-2018-12426
The WP Live Chat Support Pro plugin prior to 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.
3cx Live Chat
4.3
CVSSv2
CVE-2017-18508
The wp-live-chat-support plugin prior to 7.1.03 for WordPress has XSS.
3cx Live Chat
4
CVSSv2
CVE-2022-31095
discourse-chat is a chat plugin for the Discourse application. Versions before 0.4 are vulnerable to an exposure of sensitive information, where an attacker who knows the message ID for a channel they do not have access to can view that message using the chat message lookup endpo...
Discourse Discourse-chat
7.5
CVSSv2
CVE-2019-11185
The WP Live Chat Support Pro plugin up to and including 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non-blacklisted executable file extension in conjun...
3cx Live Chat
10
CVSSv2
CVE-2007-0954
MOHA Chat 0.1b7 and previous versions does not require authentication for use of the plug in API, which has unknown impact and attack vectors.
Mohachat Moha Chat
NA
CVE-2022-39279
discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions before 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting (XSS) attack by inserting unsaf...
Discourse Discourse-chat
NA
CVE-2022-4902
A vulnerability classified as problematic has been found in eXo Chat Application. Affected is an unknown function of the file application/src/main/webapp/vue-app/components/ExoChatMessageComposer.vue of the component Mention Handler. The manipulation leads to cross site scripting...
Exoplatform Chat Application
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »