5 matches found
Cross site scripting
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...
CVE-2023-4495 Easy Chat Server XSS vulnerability
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...
CVE-2023-4495 Easy Chat Server XSS vulnerability
Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...
EFS Software Easy Chat Server Heap Buffer Overflow Vulnerability
EFS Software Easy Chat Server is a simple Web-based chat program from EFS Software. A remote heap buffer overflow vulnerability exists in the register.ghp file in EFS Software Easy Chat Server versions 2.0 through 3.1. The vulnerability can be exploited by a remote attacker to execute arbitrary...
Easy Chat Server 3.1 Password Disclosure
Exploit Title: Easy Chat Server Remote Password Disclosure Date: 09/10/2017 Software Link: http://echatserver.com/ecssetup.exe Exploit Author: Aitezaz Mohsin Vulnerable Version: v2.0 to v3.1 Vulnerability Type: Pre-Auth Remote Password Disclosure Severity: Critical...