Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chat vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4497
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Icon parameter. The XSS is loaded from /users.ghp.
Easy Chat Server Project Easy Chat Server
755
VMScore
CVE-2008-5070
SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the gud parameter to (1) profiles/index.php and (2) profiles/admin.php.
Pro Chat Rooms Pro Chat Rooms 3.0.3
1 EDB exploit
383
VMScore
CVE-2016-7817
Cross-site scripting vulnerability in Simple keitai chat 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Simple Keitai Chat Project Simple Keitai Chat
685
VMScore
CVE-2007-2939
Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat 3.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the basepath parameter to (1) ITX.php, (2) IT_Error.php, or (3) IT.php in include/pear/.
Mazens Php Chat Mazens Php Chat 3.0.0
1 EDB exploit
NA
CVE-2023-4495
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Resume parameter. The XSS is loaded from /register.ghp.
Easy Chat Server Project Easy Chat Server
355
VMScore
CVE-2014-5276
Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via (1) an uploaded profile picture or (2) the edit parameter to profiles/index.php.
Pro Chat Rooms Text Chat Rooms 8.2.0
1 EDB exploit
NA
CVE-2023-3004
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=read_msg of the component POST Parameter Handler. The manipulation of the argument convo_i...
Simple Chat System Project Simple Chat System 1.0
NA
CVE-2023-4494
Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine.
Easy Chat Server Project Easy Chat Server 3.1
356
VMScore
CVE-2019-16949
An issue exists in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. A user is allowed to send an archive of their chat log to an email address specified at the beginning of the chat (where the user enters in their name and e-mail address). This POST request can be modified to change ...
Enghouse Web Chat 6.1.300.31
Enghouse Web Chat 6.2.284.34
383
VMScore
CVE-2019-16950
An XSS issue exists in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript.
Enghouse Web Chat 6.1.300.31
Enghouse Web Chat 6.2.284.34
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »