Sql injection

2014-10-2016:55:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.8%

JSON

Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter.

CPENameOperatorVersion
text_chat_roomseq8.2.0

CPE	Name	Operator	Version
	text_chat_rooms	eq	8.2.0

References

archives.neohapsis.com/archives/bugtraq/2014-08/0026.html

packetstormsecurity.com/files/127775/Pro-Chat-Rooms-8.2.0-XSS-Shell-Upload-SQL-Injection.html

www.osvdb.org/109829

exchange.xforce.ibmcloud.com/vulnerabilities/95127

www.exploit-db.com/exploits/34275