Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-4497
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Icon parameter. The XSS is loaded from /users.ghp.
Easy Chat Server Project Easy Chat Server
NA
CVE-2008-5070
SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the gud parameter to (1) profiles/index.php and (2) profiles/admin.php.
Pro Chat Rooms Pro Chat Rooms 3.0.3
1 EDB exploit
6.1
CVSSv3
CVE-2016-7817
Cross-site scripting vulnerability in Simple keitai chat 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Simple Keitai Chat Project Simple Keitai Chat
NA
CVE-2007-2939
Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat 3.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the basepath parameter to (1) ITX.php, (2) IT_Error.php, or (3) IT.php in include/pear/.
Mazens Php Chat Mazens Php Chat 3.0.0
1 EDB exploit
6.1
CVSSv3
CVE-2023-4495
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Resume parameter. The XSS is loaded from /register.ghp.
Easy Chat Server Project Easy Chat Server
NA
CVE-2014-5276
Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via (1) an uploaded profile picture or (2) the edit parameter to profiles/index.php.
Pro Chat Rooms Text Chat Rooms 8.2.0
1 EDB exploit
9.8
CVSSv3
CVE-2023-3004
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=read_msg of the component POST Parameter Handler. The manipulation of the argument convo_i...
Simple Chat System Project Simple Chat System 1.0
9.8
CVSSv3
CVE-2023-4494
Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine.
Easy Chat Server Project Easy Chat Server 3.1
6.5
CVSSv3
CVE-2019-16949
An issue exists in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. A user is allowed to send an archive of their chat log to an email address specified at the beginning of the chat (where the user enters in their name and e-mail address). This POST request can be modified to change ...
Enghouse Web Chat 6.1.300.31
Enghouse Web Chat 6.2.284.34
6.1
CVSSv3
CVE-2019-16950
An XSS issue exists in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript.
Enghouse Web Chat 6.1.300.31
Enghouse Web Chat 6.2.284.34
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »