Lucene search
K

240 matches found

NVD
NVD
added 2023/05/31 9:15 a.m.23 views

CVE-2023-3004

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=readmsg of the component POST Parameter Handler. The manipulation of the argument convoid leads to sql...

9.8CVSS7.3AI score0.0082EPSS
Exploits1References3
Prion
Prion
added 2023/05/31 9:15 a.m.28 views

Sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=readmsg of the component POST Parameter Handler. The manipulation of the argument convoid leads to sql...

6.5CVSS9.6AI score0.0082EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/05/31 9:0 a.m.27 views

CVE-2023-3004 SourceCodester Simple Chat System POST Parameter sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=readmsg of the component POST Parameter Handler. The manipulation of the argument convoid leads to sql...

6.5CVSS9.9AI score0.0082EPSS
Exploits1References3
CVE
CVE
added 2023/05/31 9:0 a.m.53 views

CVE-2023-3004

CVE-2023-3004 affects SourceCodester Simple Chat System 1.0, where SQL injection can be triggered in the POST Parameter Handler via /ajax.php?action=read_msg by manipulating convo_id/convo id. The vulnerability is exploitable remotely and has been disclosed publicly. Public sources report a Criti...

9.8CVSS8.3AI score0.0082EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/31 12:0 a.m.4 views

PT-2023-22516 · Sourcecodester · Sourcecodester Simple Chat System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Chat System version 1.0 Description: A critical issue has been found in the file /ajax.php?action=read msg of the component POST Parameter Handler. The manipulation of the convo id argument leads to sql injection. The...

9.8CVSS7.8AI score0.0082EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/05/31 12:0 a.m.3 views

Simple Chat System SQL注入漏洞

Simple Chat System is a simple chat system by nurhodelta17 individual developer. A SQL injection vulnerability exists in Simple Chat System version 1.0, which stems from an incorrect manipulation of the parameter convoid that can lead to sql injection...

9.8CVSS7.1AI score0.0082EPSS
Exploits1References4
Prion
Prion
added 2023/02/07 10:15 p.m.13 views

Cross site scripting

LogicalDOC Enterprise is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app chat system...

4.9CVSS5.2AI score0.00582EPSS
Exploits2References1Affected Software1
CNVD
CNVD
added 2021/11/23 12:0 a.m.30 views

Open-xchange OX App Suite Cross-Site Scripting Vulnerability (CNVD-2021-90760)

Open-xchange OX App Suite is a web-based cloud desktop environment from Open-Xchange Open-xchange, a US-based company. The environment allows users to more intuitively manage email, tasks, files, etc. A cross-site scripting vulnerability exists in Open-xchange OX App Suite, which can be exploited...

6.1CVSS4.6AI score0.01092EPSS
Exploits3References1
OSV
OSV
added 2021/11/22 9:15 a.m.17 views

CVE-2021-33495

OX App Suite 7.10.5 allows XSS via an OX Chat system message...

6.1CVSS5.8AI score
Exploits0References3
Cvelist
Cvelist
added 2021/11/22 8:30 a.m.34 views

CVE-2021-33495

OX App Suite 7.10.5 allows XSS via an OX Chat system message...

6.2AI score0.01092EPSS
Exploits3References3
0day.today
0day.today
added 2020/05/19 12:0 a.m.59 views

online Chatting System 1.0 - (id) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: online Chatting System 1.0 - 'id' SQL Injection Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14224/online-chatting-system-using-phpmysql.html Software Link:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/25 12:0 a.m.25 views

Simple Chat System 1.0 - 'id' SQL Injection

Exploit Title: Simple Chat System 1.0 - 'id' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/11610/simple-chat-system.html Software Link: https://sourceforge.net/projects/simple-chat-system/files/latest/download Version: 1....

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/09 3:16 p.m.59 views

A week in security (April 02 – April 08)

Last week, we took a look at fake Whatsapp antics, dubious gaming extensions, and a huge Panera bread breach. There was also LockCrypt ransomware to contend with, we had a poke around Linkedin, and we published another Physician, protect thyself blog. Other news Compromised cash register systems...

1.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Melange Chat System 2.0.2 Beta 2 /yell Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melange, it is possible for users t...

7.1AI score
Exploits0
CVE
CVE
added 2005/04/14 4:0 a.m.40 views

CVE-2002-1351

The vulnerability CVE-2002-1351 affects Melange Chat System 1.10. A buffer overflow in the chat_InterpretData function, triggered by a long Nick (nickname) in an msgText buffer, allows remote attackers to cause a denial of service (chat server crash) and potentially execute arbitrary code. This i...

5CVSS8.5AI score0.05761EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2005/04/14 4:0 a.m.15 views

CVE-2002-1351

Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service chat server crash and possibly execute arbitrary code via the msgText buffer in the chatInterpretData function, as demonstrated via a long Nick nickname request...

8.1AI score0.05761EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2004/10/26 12:0 a.m.21 views

yak212.txt

Luigi Auriemma Application: Yak! http://www.digicraft.com.au/yak/ Versions: = 2.1.2 Platforms: Windows Bug: directory traversal upload Exploitation: remote Date: 15 October 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 The Code ...

7.4AI score
Exploits0
NVD
NVD
added 2002/12/24 5:0 a.m.16 views

CVE-2002-1351

Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service chat server crash and possibly execute arbitrary code via the msgText buffer in the chatInterpretData function, as demonstrated via a long Nick nickname request...

5CVSS8.1AI score0.05761EPSS
Exploits1References4
exploitpack
exploitpack
added 2002/04/14 12:0 a.m.32 views

Melange Chat System 2.0.2 Beta 2 - yell Remote Buffer Overflow

Melange Chat System 2.0.2 Beta 2 - yell Remote Buffer Overflow source: https://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melang...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2002/04/14 12:0 a.m.35 views

Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melange, it is possible for users to initiate a buffer overflow...

7AI score
Exploits0
Rows per page
Query Builder